{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-26T03:58:00.099","vulnerabilities":[{"cve":{"id":"CVE-2014-9035","sourceIdentifier":"cve@mitre.org","published":"2014-11-25T23:59:06.227","lastModified":"2026-06-17T00:17:42.033","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in Press This in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."},{"lang":"es","value":"Vulnerabilidad de XSS en Press This en WordPress anterior a 3.7.5, 3.8.x anterior a 3.8.5, 3.9.x anterior a 3.9.3, y 4.x anterior a 4.0.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","versionEndIncluding":"3.7.4","matchCriteriaId":"05E4FA51-9B8A-49E4-B6E8-A9799BE216CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:3.8:*:*:*:*:*:*:*","matchCriteriaId":"F4D38621-9941-4D03-91D7-3902930546A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:3.8.1:*:*:*:*:*:*:*","matchCriteriaId":"934CC6A1-D5E4-468C-B31D-F5C7B02FCE6C"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:3.8.2:*:*:*:*:*:*:*","matchCriteriaId":"BC02EF96-4F17-443C-A739-961EED916C18"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:3.8.3:*:*:*:*:*:*:*","matchCriteriaId":"C631B472-8FF2-4A93-91F1-DCA813A8520A"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:3.8.4:*:*:*:*:*:*:*","matchCriteriaId":"57EB9FD7-7922-44A5-BB82-410B33032E59"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:3.9:*:*:*:*:*:*:*","matchCriteriaId":"CC9343FA-182C-4E2E-85ED-13F0B398258A"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:3.9.1:*:*:*:*:*:*:*","matchCriteriaId":"B79DE40E-BFA7-43DA-AB42-2812FB207941"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:3.9.2:*:*:*:*:*:*:*","matchCriteriaId":"5EED9381-2BFC-4BDA-AC4B-CBC77E8538D4"},{"vulnerable":true,"criteria":"cpe:2.3:a:wordpress:wordpress:4.0:*:*:*:*:*:*:*","matchCriteriaId":"E372A3D2-FCB5-4A74-840D-EC03732FCC97"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"16F59A04-14CF-49E2-9973-645477EA09DA"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}]}]}],"references":[{"url":"http://advisories.mageia.org/MGASA-2014-0493.html","source":"cve@mitre.org"},{"url":"http://openwall.com/lists/oss-security/2014/11/25/12","source":"cve@mitre.org"},{"url":"http://www.debian.org/security/2014/dsa-3085","source":"cve@mitre.org"},{"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:233","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/71236","source":"cve@mitre.org"},{"url":"http://www.securitytracker.com/id/1031243","source":"cve@mitre.org"},{"url":"https://wordpress.org/news/2014/11/wordpress-4-0-1/","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"http://advisories.mageia.org/MGASA-2014-0493.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://openwall.com/lists/oss-security/2014/11/25/12","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.debian.org/security/2014/dsa-3085","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:233","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/71236","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securitytracker.com/id/1031243","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://wordpress.org/news/2014/11/wordpress-4-0-1/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}