Unrated severityNVD Advisory· Published Jul 1, 2014· Updated Jun 17, 2026
CVE-2014-4575
CVE-2014-4575
Description
Cross-site scripting (XSS) vulnerability in js/window.php in the Wikipop plugin 2.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3<=2.0+ 1 more
- (no CPE)range: <=2.0
- (no CPE)range: <=2.0
- cpe:2.3:a:wikipop_plugin_project:wikipop:*:*:*:*:*:wordpress:*:*Range: <=2.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.