Skip to main content
CVE-2014-6313 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in the WooCommerce plugin before 2.2.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the range parameter on the wc-reports. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS WordPress PHP Woocommerce Plugin
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-3825 MEDIUM This Month

The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Denial Of Service Junos Srx100 Srx110 +10
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2014-8070 MEDIUM This Month

Open redirect vulnerability in YOOtheme Pagekit CMS 0.8.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

PHP Open Redirect Pagekit
NVD
CVSS 2.0
6.8
EPSS
0.4%
CVE-2014-8765 MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in the Project Issue File Review module (PIFR) module 6.x-2.x before 6.x-2.17 for Drupal allow (1) remote attackers to inject arbitrary web script. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Project Issue File Review
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-8069 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in YOOtheme Pagekit CMS 0.8.7 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP Referer header to index.php/user or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS PHP Pagekit
NVD
CVSS 2.0
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy