CBI Referral Manager <= 1.2.1 Cross-Site Scripting (XSS)

Affects Plugins

cbi-referral-manager

No known fix

References

CVE

CVE-2014-4517

URL

https://codevigilant.com/disclosure/wp-plugin-cbi-referral-manager-a3-cross-site-scripting-xss/

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Submitter

ethicalhack3r

Submitter twitter

ethicalhack3r

Verified

No

WPVDB ID

e5a15534-3440-41f8-b16a-c770b05b5fae

Timeline

Publicly Published

2014-11-01 (about 11 years ago)

Added

2014-11-01 (about 11 years ago)

Last Updated

2019-10-21 (about 6 years ago)

Other

Published

Title

Published

2021-10-18

Title

Microsoft Clarity < 0.4 - Admin+ Stored Cross-Site Scripting

Published

2023-01-03

Title

Accordion Shortcodes <= 2.4.2 - Contributor+ Stored XSS via Shortcode

Published

2023-10-25

Title

Simple User Listing < 1.9.3 - Reflected XSS

Published

2025-01-07

Title

WP Joomag <= 2.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2025-09-16

Title

MailPoet < 5.14.2 - Reflected XSS