CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Post Highlights Projects: >> Post Highlights >> 2.4.1 Security Vulnerabilities

CVE-2014-8087

Cross-site scripting (XSS) vulnerability in the post highlights plugin before 2.6.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the txt parameter in a headline action to ajax/ph_save.php.

CVSS Score

6.1

EPSS Score

0.003

Published

2017-10-16

Page 1

Vulnerabilities

Vulnerable Software

Post Highlights Projects: >> Post Highlights >> 2.4.1 Security Vulnerabilities

Products

Pricing

Contact Us