CVE-2014-4563
WordPress url-cloak-encrypt <2.0 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in go.php in the URL Cloak & Encrypt (url-cloak-encrypt) plugin 2.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the url parameter.
Scores
EPSS
0.0017
EPSS Percentile
38.7%
Details
CWE
CWE-79
Status
published
Products (2)
url_cloak_\&_encrypt_project/url_cloak_\&_encrypt
< 2.0
n/a/n/a
Published
Jul 02, 2014
Tracked Since
Feb 18, 2026