Lucene search
HistoryJul 01, 2014 - 2:55 p.m.
CVE-2014-4513
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.9
Confidence
High
EPSS
0.001
Percentile
50.6%
Multiple cross-site scripting (XSS) vulnerabilities in server/offline.php in the ActiveHelper LiveHelp Live Chat plugin 3.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) MESSAGE, (2) EMAIL, or (3) NAME parameter.
Affected configurations
Node
activehelperactivehelper_livehelp_live_chatRange≤3.1.0wordpress
ORactivehelperactivehelper_livehelp_live_chatMatch2.6.0wordpress
ORactivehelperactivehelper_livehelp_live_chatMatch2.6.1wordpress
ORactivehelperactivehelper_livehelp_live_chatMatch2.6.2wordpress
ORactivehelperactivehelper_livehelp_live_chatMatch2.6.5wordpress
ORactivehelperactivehelper_livehelp_live_chatMatch2.6.7wordpress
ORactivehelperactivehelper_livehelp_live_chatMatch2.7.0wordpress
ORactivehelperactivehelper_livehelp_live_chatMatch2.7.3wordpress
ORactivehelperactivehelper_livehelp_live_chatMatch2.7.4wordpress
ORactivehelperactivehelper_livehelp_live_chatMatch2.7.5wordpress
ORactivehelperactivehelper_livehelp_live_chatMatch2.9.0wordpress
ORactivehelperactivehelper_livehelp_live_chatMatch2.9.1wordpress
ORactivehelperactivehelper_livehelp_live_chatMatch2.9.2wordpress
ORactivehelperactivehelper_livehelp_live_chatMatch2.9.5wordpress
ORactivehelperactivehelper_livehelp_live_chatMatch3.0.0wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| activehelper | activehelper_livehelp_live_chat | * | cpe:2.3:a:activehelper:activehelper_livehelp_live_chat:*:*:*:*:*:wordpress:*:* |
| activehelper | activehelper_livehelp_live_chat | 2.6.0 | cpe:2.3:a:activehelper:activehelper_livehelp_live_chat:2.6.0:*:*:*:*:wordpress:*:* |
| activehelper | activehelper_livehelp_live_chat | 2.6.1 | cpe:2.3:a:activehelper:activehelper_livehelp_live_chat:2.6.1:*:*:*:*:wordpress:*:* |
| activehelper | activehelper_livehelp_live_chat | 2.6.2 | cpe:2.3:a:activehelper:activehelper_livehelp_live_chat:2.6.2:*:*:*:*:wordpress:*:* |
| activehelper | activehelper_livehelp_live_chat | 2.6.5 | cpe:2.3:a:activehelper:activehelper_livehelp_live_chat:2.6.5:*:*:*:*:wordpress:*:* |
| activehelper | activehelper_livehelp_live_chat | 2.6.7 | cpe:2.3:a:activehelper:activehelper_livehelp_live_chat:2.6.7:*:*:*:*:wordpress:*:* |
| activehelper | activehelper_livehelp_live_chat | 2.7.0 | cpe:2.3:a:activehelper:activehelper_livehelp_live_chat:2.7.0:*:*:*:*:wordpress:*:* |
| activehelper | activehelper_livehelp_live_chat | 2.7.3 | cpe:2.3:a:activehelper:activehelper_livehelp_live_chat:2.7.3:*:*:*:*:wordpress:*:* |
| activehelper | activehelper_livehelp_live_chat | 2.7.4 | cpe:2.3:a:activehelper:activehelper_livehelp_live_chat:2.7.4:*:*:*:*:wordpress:*:* |
| activehelper | activehelper_livehelp_live_chat | 2.7.5 | cpe:2.3:a:activehelper:activehelper_livehelp_live_chat:2.7.5:*:*:*:*:wordpress:*:* |
Related
nuclei
nuclei
ActiveHelper LiveHelp Server 3.1.0 - Cross-Site Scripting
2021-07-14 23:59:13
patchstack
patchstack
WordPress ActiveHelper LiveHelp Plugin <= 3.1.0 - Multiple XSS
2014-06-23 00:00:00
cve
cve
CVE-2014-4513
2014-07-01 14:55:05
openvas
openvas
prion
prion
Cross site scripting
2014-07-01 14:55:00
wpvulndb
wpvulndb
cvelist
cvelist
CVE-2014-4513
2014-07-01 14:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.9
Confidence
High
EPSS
0.001
Percentile
50.6%
Related for NVD:CVE-2014-4513