Compfight < 1.5 Cross-Site Scripting (XSS) | CVE 2014-5202

Affects Plugins

compfight

Fixed in 1.5

References

CVE

CVE-2014-5202

CVE

CVE-2014-8622

URL

https://packetstormsecurity.com/files/#127430/

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Submitter

erwanlr

Verified

No

WPVDB ID

7c1afba2-e762-4a03-ba3b-ab85b17796f0

Timeline

Publicly Published

2014-09-19 (about 11 years ago)

Added

2014-09-19 (about 11 years ago)

Last Updated

2019-10-21 (about 6 years ago)

Other

Published

Title

Published

2025-04-01

Title

Multiple Themify Themes - Reflected Cross-Site Scripting

Published

2021-08-30

Title

WP Statistic < 13.1 - Reflected Cross-Site Scripting (XSS)

Published

2024-11-08

Title

Moka Get Posts Shortcode <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2023-01-31

Title

Namaste! LMS < 2.5.9.4 - Admin+ Stored XSS

Published

2025-09-09

Title

Heateor Login – Social Login Plugin < 1.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting