CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-7151

MEDIUM
6.1
CVSS Severity Score
EPSS Score0.1600%
EPSS Percentile27.70th
Published2016年1月8日
Last Modified2026年5月6日

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in the NEX-Forms Lite plugin 2.1.0 for WordPress allow remote attackers to inject arbitrary web script or HTML via the form_fields parameter in a (1) do_edit or (2) do_insert action to wp-admin/admin-ajax.php.

Affected Platforms (CPE)

📦
Nex Forms Lite Project

Nex Forms Lite

= 2.1.0

References & Advisories

🔗 https://research.g0blin.co.uk/cve-2014-7151/
🔗 https://wpvulndb.com/vulnerabilities/8237
🔗 https://research.g0blin.co.uk/cve-2014-7151/
🔗 https://wpvulndb.com/vulnerabilities/8237

関連する脆弱性情報

CVE-2014-052810.0

Double free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attac...

CVE-2014-052510.0

The API in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X does not prevent access to unm...

CVE-2014-052410.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...

CVE-2014-052610.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...