Wordfence Intelligence

Title	CVE ID	CVSS	Vector	Date
Upscale (Unknown Versions) - Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	October 29, 2012
Flashlight <= 2.8.4 - Cross-Site Scripting		7.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L	October 29, 2012
Brightbox <= (Unknown Versions) - Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	October 29, 2012
Shoutbox (Unknown Versions) - Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	October 29, 2012
Expose (All Versions) - Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	October 29, 2012
Choices (All Versions) - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	October 29, 2012
Abundance (All Versions) - Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	October 29, 2012
Velvet Theme (All Versions) - Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	October 29, 2012
Eunoia (All Versions) - Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	October 29, 2012
Coalition (All Versions) - Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	October 29, 2012
White Label CMS < 1.5.1 - Reflected Cross-Site Scripting	CVE-2012-5387	7.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L	October 21, 2012
White Label CMS < 1.5.1 - Cross-Site Scripting	CVE-2012-5388	7.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L	October 21, 2012
Wordfence Security - Firewall & Malware Scan <= 3.3.6 - Stored Cross-Site Scripting		6.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N	October 19, 2012
Wordfence < 3.3.7 - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	October 19, 2012
Slideshow < 2.1.13 - Cross-Site Scripting and Sensitive Information Disclosure		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	October 17, 2012
Imediapixel Themes (Various Versions) - Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	October 8, 2012
Social Hashtags <= 3.0.0 - Cross-Site Scripting		4.8	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N	October 2, 2012
Parallelus Unite, Interscet, Traject, & Salutation < 2.0 - Reflected Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	October 2, 2012
Blaze Theme (All Versions) - Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	September 29, 2012
Brisk (Unknown Versions) - Cross-Site Scripting		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	September 29, 2012

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation

Vulnerabilities protected by our XSS: Cross Site Scripting firewall rule

Showing 6421-6440 of 6,647 Vulnerabilities