VYPR
← All advisories
Unrated severityNVD Advisory· Published Jul 1, 2014· Updated May 6, 2026

CVE-2014-4521

CVE-2014-4521

Description

Cross-site scripting (XSS) vulnerability in client-assist.php in the dsIDXpress IDX plugin before 2.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter.

Affected products

41
  • Diversesolutions/Dsidxpress Idx Plugin41 versions
    cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.2:*:*:*:*:wordpress:*:*+ 40 more
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.2:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.3:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.4:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.5:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.6:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:*:*:*:*:*:wordpress:*:*range: <=2.1.0
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.0:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.1:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.7:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.8:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.9:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.10:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.11:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.12:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.13:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.14:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.15:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.16:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.17:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.18:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.19:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.20:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.21:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.22:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.23:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.24:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.25:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.26:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.27:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.28:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.29:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.30:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.31:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.32:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.33:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.34:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.35:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.36:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.37:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.38:*:*:*:*:wordpress:*:*
    • cpe:2.3:a:diversesolutions:dsidxpress_idx_plugin:2.0.39:*:*:*:*:wordpress:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.