Medium severity6.1NVD Advisory· Published Jan 8, 2016· Updated May 6, 2026

CVE-2014-6444

Description

Multiple cross-site scripting (XSS) vulnerabilities in the Titan Framework plugin before 1.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) t parameter to iframe-googlefont-preview.php or the (2) text parameter to iframe-font-preview.php.

Affected products

Titan Framework Project/Titan Framework
cpe:2.3:a:titan_framework_project:titan_framework:*:*:*:*:*:wordpress:*:*
Range: <=1.5

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

wpvulndb.com/vulnerabilities/8233nvdVendor Advisory
research.g0blin.co.uk/cve-2014-6444/nvd

News mentions

No linked articles in our index yet.

cvss	0.397
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000