30 matches found
Add Link To Facebook <= 2.3 - Cross-Site Scripting (XSS)
The last time it was checked the plugin was still affected and had been closed...
WordPress Add Link to Facebook Plugin Cross-Site Scripting Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.Add Link to Facebook is one of the plug-ins to automatically add links to Facebook. A cross-site scripting...
CVE-2018-5214
The "Add Link to Facebook" plugin through 2.3 for WordPress has XSS via the al2fbfacebookid parameter to wp-admin/profile.php...
The Slippery Slope Starts with "Get 2 Free Airline Tickets"
Written by Or Katz and Raviv Perets A widespread phishing scam that offers free airline tickets has been spotted in the wild by Akamai's Enterprise Threat Protector ETP security research team. The campaign uses a number of social engineering techniques to trick people into providing their private...
CVE-2015-1582
Multiple cross-site scripting XSS vulnerabilities in the Spider Facebook plugin before 1.0.11 for WordPress allow 1 remote attackers to inject arbitrary web script or HTML via the appid parameter in a registration task to the default URI or remote administrators to inject arbitrary web script or...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Spider Facebook plugin before 1.0.11 for WordPress allow 1 remote attackers to inject arbitrary web script or HTML via the appid parameter in a registration task to the default URI or remote administrators to inject arbitrary web script or...
CVE-2015-1582
Multiple cross-site scripting XSS vulnerabilities in the Spider Facebook plugin before 1.0.11 for WordPress allow 1 remote attackers to inject arbitrary web script or HTML via the appid parameter in a registration task to the default URI or remote administrators to inject arbitrary web script or...
Foxit Reader < 5.4 Trojan DLL Injection
The version of Foxit Reader installed on the remote Windows host is prior to 5.4. It is, therefore, affected by a flaw in the Facebook Plugin facebookplugin.fpi due to how dynamic-link library DLL files are located and loaded. A local attacker can exploit this issue, via a crafted Trojan horse DL...
Design/Logic Flaw
Untrusted search path vulnerability in facebookplugin.fpi in the Facebook plug-in in Foxit Reader 5.3.1.0606 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these...
Author of LilyJade Facebook Plugin Ignores Facebook Cease-and-Desist
As the tech and investment banking worlds eagerly anticipate Facebook’s long-awaited initial public offering, the world’s largest social network is trying to put stops to a suspicious, but arguably benign, plugin. According to a Brian Krebs report, Dru Mundorff of Arizona is shamelessly selling t...