WP-FaceThumb 0.1 - Cross-Site Scripting

A cross-site scripting vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the paginationwpfacethumb parameter. id: CVE-2012-2371 info: name: WP-FaceThumb 0.1 - Cross-Site Scripting author: daffainfo severity:...

EUVD-2012-2362

Malware in sbrugna...

CVE-2012-2371

Cross-site scripting XSS vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the paginationwpfacethumb parameter...

CVE-2014-4585

Cross-site scripting XSS vulnerability in the WP-FaceThumb plugin possibly 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the ajaxurl parameter to index.php...

Cross site scripting

Cross-site scripting XSS vulnerability in the WP-FaceThumb plugin possibly 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the ajaxurl parameter to index.php...

CVE-2014-4585

The CVE-2014-4585 entry concerns the WP-FaceThumb WordPress plugin (likely 1.0 and earlier) suffering a Cross‑site Scripting (XSS) vulnerability. According to the records, an attacker could inject arbitrary script or HTML via the ajax_url parameter to index.php, enabling remote code/input manipul...

CVE-2014-4585

Cross-site scripting XSS vulnerability in the WP-FaceThumb plugin possibly 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the ajaxurl parameter to index.php...

WordPress WP FaceThumb Plugin <= 1.0 - XSS

Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the "ajaxurl" parameter to index.php. Solution Update the plugin...

CVE-2012-2371

Cross-site scripting XSS vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the paginationwpfacethumb parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the paginationwpfacethumb parameter...

CVE-2012-2371

WP-FaceThumb plugin for WordPress (version 0.1) has a reflected XSS in index.php, exploitable via the pagination_wp_facethumb parameter. The NVD description confirms the vulnerability enables remote injection of arbitrary scripts/HTML. The connected Nuclei template reiterates the XSS in WP-FaceTh...

WordPress Plugin WP-FaceThumb 0.1 - pagination_wp_facethum Cross-Site Scripting

WordPress Plugin WP-FaceThumb 0.1 - paginationwpfacethum Cross-Site Scripting source: https://www.securityfocus.com/bid/53497/info WP-FaceThumb is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitra...

WordPress WP-FaceThumb Gallery 0.1 Cross Site Scripting

Wordpress WP-FaceThumb Gallery Plugin Description: This plugin allows your visitor to take a snapshot whith a webcam and the thumb is display on your sidebar. The visitor indicate his pseudo and can let an URL which will be link to the thumb...

WordPress WP FaceThumb Plugin 0.1 - Cross Site Scripting

WordPress WP-FaceThumb plugin's "paginationwpfacethum" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attack...

WordPress Plugin WP-FaceThumb 0.1 - &#039;pagination_wp_facethum&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/53497/info WP-FaceThumb is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

WP-Facethumb Gallery <= 0.1 - Reflected Cross Site Scripting

The vendor has discontinued this product as of 2012-05-03...