Vulnerabilities > Wordfence Security Project > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-11-06 | CVE-2014-4664 | Cross-Site Scripting vulnerability in Wordfence Security Project Wordfence Security Cross-site scripting (XSS) vulnerability in the Wordfence Security plugin before 5.1.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the whoisval parameter on the WordfenceWhois page to wp-admin/admin.php. | 4.3 |