CVEブラウザに戻る

CVE-2014-10012

MEDIUM

4.3

CVSS Severity Score

EPSS Score0.0660%

EPSS Percentile23.79th

Published2015年1月13日

Last Modified2026年5月6日

Vulnerability Description

Cross-site scripting (XSS) vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI.

Affected Platforms (CPE)

📦

Strategy11

Awp Classifieds

= 3.3.1

References & Advisories

🔗 http://packetstormsecurity.com/files/129035/Another-WordPress-Classifieds-Cross-Site-Scripting-SQL-Injection.html

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/98588

🔗 http://packetstormsecurity.com/files/129035/Another-WordPress-Classifieds-Cross-Site-Scripting-SQL-Injection.html

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/98588

関連する脆弱性情報

CVE-2026-395337.5

Unauthenticated Broken Access Control in AWP Classifieds <= 4.4.4 versions.

CVE-2014-052310.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...

CVE-2014-052610.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...

CVE-2014-052710.0

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows at...