WordPress Plugin Vulnerabilities

Construction Mode 1.8 - under-construction.php wuc_logo Parameter XSS

Description

The WP Construction Mode WordPress plugin was affected by an under-construction.php wuc_logo Parameter XSS security vulnerability.

Affects Plugins

Plugin icon
wp-construction-mode
Fixed in 1.9

References

CVE
CVE-2014-4854
URL
https://packetstormsecurity.com/files/#127287/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Verified
No
WPVDB ID
ca1411c2-2baa-4e61-b9e1-48b791a2750c

Timeline

Publicly Published
2014-08-01 (about 9 years ago)
Added
2014-08-01 (about 9 years ago)
Last Updated
2019-10-21 (about 4 years ago)

Other

Published
Title
Published
2024-01-19
Title
GigPress <= 2.3.29 - Admin+ Stored Cross Site Scripting
Published
2022-05-09
Title
Call&Book Mobile Bar <= 1.2.2 - Admin+ Stored Cross Site Scripting
Published
2023-03-28
Title
Woocommerce Custom Checkout Fields Editor With Drag & Drop <= 0.1 - Reflected Cross-Site Scripting
Published
2014-08-01
Title
paypal-digital-goods-monetization-powered-by-cleeng <= 2.2.13 - XSS in ZeroClipboard
Published
2024-04-05
Title
Formsite | Embed online forms to collect orders, registrations, leads, and surveys < 1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting