CVE-2014-1232

NONE EPSS 77.9%
Published Jan 8, 201412y ago · Modified Jun 17, 20262w ago
Find Similar
Published Jan 8, 2014 12y ago
Last Modified Jun 17, 2026 2w ago

Description

Cross-site scripting (XSS) vulnerability in the Foliopress WYSIWYG plugin before 2.6.8.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Threat Intelligence

EPSS Exploit Probability
77.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-79 Cross-site Scripting Injection

Affected Products 6

VendorProductVersionRange
foliovisionfoliopress_wysiwyg* ≤2.6.8.4
foliovisionfoliopress_wysiwyg2.6.8any
foliovisionfoliopress_wysiwyg2.6.8.1any
foliovisionfoliopress_wysiwyg2.6.8.2any
foliovisionfoliopress_wysiwyg2.6.8.3any
wordpresswordpress*any

References 4

Remediation

  • wordpress.org http://wordpress.org/plugins/foliopress-wysiwyg/changelog
    PatchVendor Advisory