Simple Social Buttons < 3.2.1 - Unauthenticated Reflected Cross-Site Scripting

The version 3.2.0 attempted to fix a reflected Cross-Site Scripting issue, by adding a CSRF check, which does not fully remediate it as unauthenticated users will all have the same nonce generated and valid for 12h to 24h, or 2 WP ticks. Only unauthenticated users can be attacked with this issue...

Simple Social Buttons < 3.2.1 - Unauthenticated Reflected Cross-Site Scripting

The version 3.2.0 attempted to fix a reflected Cross-Site Scripting issue, by adding a CSRF check, which does not fully remediate it as unauthenticated users will all have the same nonce generated and valid for 12h to 24h, or 2 WP ticks. Only unauthenticated users can be attacked with this issue...

SA-CONTRIB-2011-027 -Facebook Share - Cross Site Scripting (XSS)

This module enables Drupal site administrators to add a Facebook Share button to selected content type nodes. The module doesn't sufficiently check the override text or button size input fields on the module configuration form to prevent against an XSS exploit. This vulnerability is mitigated by...

Joomla EasyBlog Cross Site Scripting

Name : Joomla EasyBlog Persistent XSS Vulnerability Date : july 12,2010 Critical Level : HIGH vendor URL :http://stackideas.com/products/easyblog.html Author : Sid3^effects aKa HaRi special thanks to : r0073r inj3ct0r.com,L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger greetz to...