CyberSec.Space Logo
Back to CVE Browser

CVE-2014-10012

MEDIUM
4.3
CVSS Severity Score
EPSS Score0.0660%
EPSS Percentile23.79th
PublishedJan 13, 2015
Last ModifiedMay 6, 2026

Vulnerability Description

Cross-site scripting (XSS) vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI.

Affected Platforms (CPE)

πŸ“¦
Strategy11

Awp Classifieds

= 3.3.1

References & Advisories

πŸ”— http://packetstormsecurity.com/files/129035/Another-WordPress-Classifieds-Cross-Site-Scripting-SQL-Injection.html
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/98588
πŸ”— http://packetstormsecurity.com/files/129035/Another-WordPress-Classifieds-Cross-Site-Scripting-SQL-Injection.html
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/98588

Related Vulnerabilities

CVE-2026-395337.5

Unauthenticated Broken Access Control in AWP Classifieds <= 4.4.4 versions.

CVE-2014-049810.0

Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Ma...

CVE-2014-052310.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...

CVE-2014-052410.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...