Unrated severityNVD Advisory· Published Jul 2, 2014· Updated Jun 17, 2026
CVE-2014-4604
CVE-2014-4604
Description
Cross-site scripting (XSS) vulnerability in settings/pwsettings.php in the Your Text Manager plugin 0.3.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the ytmpw parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:your-text-manager_project:your-text-manager:*:-:-:*:-:wordpress:*:*+ 1 more
- cpe:2.3:a:your-text-manager_project:your-text-manager:*:-:-:*:-:wordpress:*:*range: <=0.3.0
- (no CPE)range: <=0.3.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.