Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-100026


Vulnerability Score 4.3 4.3
CVE Id CVE-2014-100026
Last Modified 14 Jan 2015 02:55:30
Published 13 Jan 2015 10:59:27
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Cross-site scripting (XSS) vulnerability in readme.php in the April's Super Functions Pack plugin before 1.4.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter. NOTE: some of these details are obtained from third party information.

Vulnerable Systems


  • April%27s Super Functions Pack Project April%27s Super Functions Pack 1.4.7



XF - aprilsuperfunctions-readme-xss(90172)

BID - 64699

SECUNIA - 55576

OSVDB - 101807

Last Updated: 27 May 2016 11:07:32