Medium severity6.1NVD Advisory· Published Dec 27, 2019· Updated Jun 17, 2026
CVE-2014-4539
CVE-2014-4539
Description
Cross-site scripting (XSS) vulnerability in the Movies plugin 0.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Movies plugindescription
Patches
Vulnerability mechanics
References
1- codevigilant.com/disclosure/wp-plugin-movies-a3-cross-site-scripting-xssnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.