WP-FaceThumb 0.1 - Cross-Site Scripting

A cross-site scripting vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the paginationwpfacethumb parameter. id: CVE-2012-2371 info: name: WP-FaceThumb 0.1 - Cross-Site Scripting author: daffainfo severity:...

EUVD-2012-2362

Malware in sbrugna...

CVE-2012-2371

Cross-site scripting XSS vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the paginationwpfacethumb parameter...

CVE-2014-4585

Cross-site scripting XSS vulnerability in the WP-FaceThumb plugin possibly 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the ajaxurl parameter to index.php...

Cross site scripting

Cross-site scripting XSS vulnerability in the WP-FaceThumb plugin possibly 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the ajaxurl parameter to index.php...

CVE-2014-4585

Cross-site scripting XSS vulnerability in the WP-FaceThumb plugin possibly 1.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the ajaxurl parameter to index.php...

CVE-2014-4585

The CVE-2014-4585 entry concerns the WP-FaceThumb WordPress plugin (likely 1.0 and earlier) suffering a Cross‑site Scripting (XSS) vulnerability. According to the records, an attacker could inject arbitrary script or HTML via the ajax_url parameter to index.php, enabling remote code/input manipul...

WordPress WP FaceThumb Plugin <= 1.0 - XSS

Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the "ajaxurl" parameter to index.php. Solution Update the plugin...

CVE-2012-2371

Cross-site scripting XSS vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the paginationwpfacethumb parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the paginationwpfacethumb parameter...

CVE-2012-2371

WP-FaceThumb plugin for WordPress (version 0.1) has a reflected XSS in index.php, exploitable via the pagination_wp_facethumb parameter. The NVD description confirms the vulnerability enables remote injection of arbitrary scripts/HTML. The connected Nuclei template reiterates the XSS in WP-FaceTh...

WordPress WP-FaceThumb Gallery 0.1 Cross Site Scripting

Wordpress WP-FaceThumb Gallery Plugin Description: This plugin allows your visitor to take a snapshot whith a webcam and the thumb is display on your sidebar. The visitor indicate his pseudo and can let an URL which will be link to the thumb...

WordPress Plugin WP-FaceThumb 0.1 - pagination_wp_facethum Cross-Site Scripting

WordPress Plugin WP-FaceThumb 0.1 - paginationwpfacethum Cross-Site Scripting source: https://www.securityfocus.com/bid/53497/info WP-FaceThumb is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitra...

WordPress WP FaceThumb Plugin 0.1 - Cross Site Scripting

WordPress WP-FaceThumb plugin's "paginationwpfacethum" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attack...

WP-Facethumb Gallery <= 0.1 - Reflected Cross Site Scripting

The vendor has discontinued this product as of 2012-05-03...

WordPress Plugin WP-FaceThumb 0.1 - &#039;pagination_wp_facethum&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/53497/info WP-FaceThumb is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...