5 matches found
CVE-2014-8800
Cross-site scripting XSS vulnerability in nextend-facebook-settings.php in the Nextend Facebook Connect plugin before 1.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the fbloginbutton parameter in a newfbupdateoptions action...
CVE-2014-8800
CVE-2014-8800 is a cross-site scripting (XSS) vulnerability in the Nextend Facebook Connect WordPress plugin prior to 1.5.1. The issue affects nextend-facebook-settings.php via the fb_login_button parameter in a newfb_update_options action, enabling remote injection of arbitrary HTML/script. Publ...
CVE-2014-8800
Cross-site scripting XSS vulnerability in nextend-facebook-settings.php in the Nextend Facebook Connect plugin before 1.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the fbloginbutton parameter in a newfbupdateoptions action...
WordPress Plugin Nextend Facebook Connect 1.4.59 - Cross-Site Scripting
WordPress Plugin Nextend Facebook Connect 1.4.59 - Cross-Site Scripting Exploit Title: Nextend Facebook Connect 1.4.59 XSS Date: 16-10-2014 Exploit Author: Kacper Szurek - http://security.szurek.pl/ http://twitter.com/KacperSzurek Software Link:...
WordPress Plugin Nextend Facebook Connect 1.4.59 - Cross-Site Scripting
Exploit Title: Nextend Facebook Connect 1.4.59 XSS Date: 16-10-2014 Exploit Author: Kacper Szurek - http://security.szurek.pl/ http://twitter.com/KacperSzurek Software Link: https://downloads.wordpress.org/plugin/nextend-facebook-connect.1.4.59.zip Category: webapps CVE: CVE-2014-8800 1...