CVE-2014-2219
CMSimple Classic <3.54 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in whizzywig/wb.php in CMSimple Classic 3.54 and earlier, possibly as downloaded before February 26, 2014, allows remote attackers to inject arbitrary web script or HTML via the d parameter.
Scores
EPSS
0.0025
EPSS Percentile
48.6%
Details
CWE
CWE-79
Status
published
Products (2)
cmsimple/cmsimple_classic
< 3.5.4
n/a/n/a
Published
Mar 20, 2014
Tracked Since
Feb 18, 2026