Lucene search
K

30 matches found

WPVulnDB
WPVulnDB
added 2018/11/14 12:0 a.m.15 views

Add Link To Facebook <= 2.3 - Cross-Site Scripting (XSS)

The last time it was checked the plugin was still affected and had been closed...

3.5CVSS1.3AI score0.00595EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/01/08 12:0 a.m.1 views

WordPress Add Link to Facebook Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.Add Link to Facebook is one of the plug-ins to automatically add links to Facebook. A cross-site scripting...

5.4CVSS6.1AI score0.00595EPSS
Exploits1References1
OSV
OSV
added 2018/01/04 6:29 p.m.4 views

CVE-2018-5214

The "Add Link to Facebook" plugin through 2.3 for WordPress has XSS via the al2fbfacebookid parameter to wp-admin/profile.php...

5.4CVSS5.8AI score0.00595EPSS
Exploits1References2
Akamai Blog
Akamai Blog
added 2017/07/12 7:11 p.m.55 views

The Slippery Slope Starts with "Get 2 Free Airline Tickets"

Written by Or Katz and Raviv Perets A widespread phishing scam that offers free airline tickets has been spotted in the wild by Akamai's Enterprise Threat Protector ETP security research team. The campaign uses a number of social engineering techniques to trick people into providing their private...

7.1AI score
Exploits0
NVD
NVD
added 2015/02/11 7:59 p.m.23 views

CVE-2015-1582

Multiple cross-site scripting XSS vulnerabilities in the Spider Facebook plugin before 1.0.11 for WordPress allow 1 remote attackers to inject arbitrary web script or HTML via the appid parameter in a registration task to the default URI or remote administrators to inject arbitrary web script or...

4.3CVSS5.9AI score0.01651EPSS
Exploits1References2
Prion
Prion
added 2015/02/11 7:59 p.m.16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Spider Facebook plugin before 1.0.11 for WordPress allow 1 remote attackers to inject arbitrary web script or HTML via the appid parameter in a registration task to the default URI or remote administrators to inject arbitrary web script or...

4.3CVSS6.2AI score0.01651EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2015/02/11 7:0 p.m.34 views

CVE-2015-1582

Multiple cross-site scripting XSS vulnerabilities in the Spider Facebook plugin before 1.0.11 for WordPress allow 1 remote attackers to inject arbitrary web script or HTML via the appid parameter in a registration task to the default URI or remote administrators to inject arbitrary web script or...

5.9AI score0.01651EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2012/09/12 12:0 a.m.29 views

Foxit Reader < 5.4 Trojan DLL Injection

The version of Foxit Reader installed on the remote Windows host is prior to 5.4. It is, therefore, affected by a flaw in the Facebook Plugin facebookplugin.fpi due to how dynamic-link library DLL files are located and loaded. A local attacker can exploit this issue, via a crafted Trojan horse DL...

6.9CVSS6.2AI score0.00864EPSS
Exploits0References4
Prion
Prion
added 2012/09/06 10:41 a.m.17 views

Design/Logic Flaw

Untrusted search path vulnerability in facebookplugin.fpi in the Facebook plug-in in Foxit Reader 5.3.1.0606 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these...

6.9CVSS6.9AI score0.00864EPSS
Exploits0References2Affected Software1
ThreatPost
ThreatPost
added 2012/05/17 4:9 p.m.9 views

Author of LilyJade Facebook Plugin Ignores Facebook Cease-and-Desist

As the tech and investment banking worlds eagerly anticipate Facebook’s long-awaited initial public offering, the world’s largest social network is trying to put stops to a suspicious, but arguably benign, plugin. According to a Brian Krebs report, Dru Mundorff of Arizona is shamelessly selling t...

0.1AI score
Exploits0References1
Rows per page
Query Builder