CVE-2025-14557

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Facebook Pixel facebookpixel allows Stored XSS.This issue affects Facebook Pixel: from 7.X-1.0 through 7.X-1.1...

CVE-2025-14557

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Facebook Pixel facebookpixel allows Stored XSS.This issue affects Facebook Pixel: from 7.X-1.0 through 7.X-1.1...

CVE-2025-14557

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Facebook Pixel facebookpixel allows Stored XSS.This issue affects Facebook Pixel: from 7.X-1.0 through 7.X-1.1...

CVE-2025-14557 XSS in Drupal 7 Facebook Pixel Module

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Facebook Pixel facebookpixel allows Stored XSS.This issue affects Facebook Pixel: from 7.X-1.0 through 7.X-1.1...

CVE-2025-14557

CVE-2025-14557 affects Drupal Facebook Pixel module (facebook_pixel) with stored XSS due to improper input neutralization during page generation. Affected versions are 7.X-1.0 through 7.X-1.1. The vulnerability can allow malicious script injection via input fields rendered on generated pages, as ...

CVE-2025-14557

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Facebook Pixel facebookpixel allows Stored XSS.This issue affects Facebook Pixel: from 7.X-1.0 through 7.X-1.1...

CVE-2025-14557 XSS in Drupal 7 Facebook Pixel Module

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Facebook Pixel facebookpixel allows Stored XSS.This issue affects Facebook Pixel: from 7.X-1.0 through 7.X-1.1...

New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification

Research analyzing 4,700 leading websites reveals that 64% of third-party applications now access sensitive data without business justification, up from 51% in 2024. Government sector malicious activity spiked from 2% to 12.9%, while 1 in 7 Education sites show active compromise. Specific...

Drupal Facebook Pixel 安全漏洞

Drupal Facebook Pixel is an ad placement module for the Drupal community. A security vulnerability exists in Drupal Facebook Pixel versions 7.X-1.0 through 7.X-1.1, which stems from improper input neutralization during page generation and could lead to a stored cross-site scripting attack...

PT-2026-2942

Name of the Vulnerable Software and Affected Versions Drupal Facebook Pixel versions 7.X-1.0 through 7.X-1.1 Description The Facebook Pixel module for Drupal contains a flaw related to improper input handling during web page generation, specifically a Stored Cross-site Scripting XSS issue. This...

EUVD-2021-11243

Malware in sbrugna...

Case Study: Are CSRF Tokens Sufficient in Preventing CSRF Attacks?

Explore how relying on CSRF tokens as a security measure against CSRF attacks is a recommended best practice, but in some cases, they are simply not enough. Introduction As per the Open Web Application Security Project OWASP, CSRF vulnerabilities are recognized as a significant threat and are...

Malicious code in facebook-pixel-wordpress-js-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c3d88b8d260c2076030d62c623d5ba25ef3707962091c0e2a0c124f2610fd37d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1121 Malicious code in facebook-pixel-wordpress-js-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c3d88b8d260c2076030d62c623d5ba25ef3707962091c0e2a0c124f2610fd37d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in facebook-pixel-for-wordpress (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 70f06b1883493dc840e21dc5b142c6dca42f9ecb2c0f6381e9f1a0abc7bf1de3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1120 Malicious code in facebook-pixel-for-wordpress (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 70f06b1883493dc840e21dc5b142c6dca42f9ecb2c0f6381e9f1a0abc7bf1de3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-51357 WordPress Track Google Analytics 4, Facebook Pixel & Conversions API via Google Tag Manager for WooCommerce plugin <= 6.5.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Conversios Conversios.io enhanced-e-commerce-for-woocommerce-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Conversios.io: from n/a through = 6.5.0...

CVE-2023-46094

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Conversios Track Google Analytics 4, Facebook Pixel & Conversions API via Google Tag Manager for WooCommerce plugin = 6.5.3 versions...

CVE-2023-46094

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Conversios Track Google Analytics 4, Facebook Pixel & Conversions API via Google Tag Manager for WooCommerce plugin = 6.5.3 versions...

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Conversios Track Google Analytics 4, Facebook Pixel & Conversions API via Google Tag Manager for WooCommerce plugin = 6.5.3 versions...