82 matches found
CVE-2022-45843 WordPress Smart Slider 3 Plugin <= 3.5.1.9 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting vulnerability in Nextend Smart Slider 3 plugin = 3.5.1.9 versions...
CVE-2015-4557
Cross-site scripting XSS vulnerability in the newTwittersignbutton function in nextend-Twitter-connect.php in the Nextend Twitter Connect plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirectto parameter. NOTE: this may overlap...
Cross site scripting
Cross-site scripting XSS vulnerability in the newTwittersignbutton function in nextend-Twitter-connect.php in the Nextend Twitter Connect plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirectto parameter. NOTE: this may overlap...
CVE-2015-4557
CVE-2015-4557 is an XSS vulnerability in the Nextend Twitter Connect WordPress plugin, present before version 1.5.2. The issue is triggered via the redirect_to parameter in the function new_Twitter_sign_button in nextend-Twitter-connect.php, allowing injection of arbitrary script/HTML. The relate...
CVE-2015-4557
Cross-site scripting XSS vulnerability in the newTwittersignbutton function in nextend-Twitter-connect.php in the Nextend Twitter Connect plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirectto parameter. NOTE: this may overlap...
Nextend Facebook Connect <= 1.5.7 - Cross-Site Request Forgery (CSRF)
The Nextend Social Login and Register WordPress plugin was affected by a Cross-Site Request Forgery CSRF security vulnerability. PoC...
WordPress Plugin Nextend Facebook Connect 'new_fb_sign_button' Cross-Site Scripting Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platforms developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.Nextend Facebook Connect is one of the Facebook login and registration plug-ins. A cross-site scripting vulnerability exist...
CVE-2015-4413
Cross-site scripting XSS vulnerability in the newfbsignbutton function in nextend-facebook-connect.php in Nextend Facebook Connect plugin before 1.5.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirectto parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in the newfbsignbutton function in nextend-facebook-connect.php in Nextend Facebook Connect plugin before 1.5.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirectto parameter...
CVE-2015-4413
The CVE-2015-4413 entry concerns the Nextend Facebook Connect WordPress plugin. A Cross-Site Scripting (XSS) vulnerability exists in the new_fb_sign_button function in nextend-facebook-connect.php that allows injection of arbitrary web script or HTML via the redirect_to parameter. Affected versio...
CVE-2015-4413
Cross-site scripting XSS vulnerability in the newfbsignbutton function in nextend-facebook-connect.php in Nextend Facebook Connect plugin before 1.5.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirectto parameter...
Nextend Facebook Connect <= 1.5.4 - Reflected Cross-Site Scripting (XSS)
The Nextend Social Login and Register WordPress plugin was affected by a Reflected Cross-Site Scripting XSS security vulnerability...
WordPress Nextend Twitter Connect 1.5.1 Cross Site Scripting
Wordpress Nextend Twitter Connect =================================== Document Title: =============== WordPress Nextend Twitter Connect Plugin Version: 1.5.1 is vulnerable to Reflected XSS Cross Site Scripting Download URL: ============= https://wordpress.org/plugins/nextend-twitter-connect/...
Nextend Twitter Connect <= 1.5.1 - Reflected Cross-Site Scripting (XSS)
The nextend-twitter-connect WordPress plugin was affected by a Reflected Cross-Site Scripting XSS security vulnerability...
CVE-2014-8800
Cross-site scripting XSS vulnerability in nextend-facebook-settings.php in the Nextend Facebook Connect plugin before 1.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the fbloginbutton parameter in a newfbupdateoptions action...
Cross site scripting
Cross-site scripting XSS vulnerability in nextend-facebook-settings.php in the Nextend Facebook Connect plugin before 1.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the fbloginbutton parameter in a newfbupdateoptions action...
CVE-2014-8800
Cross-site scripting XSS vulnerability in nextend-facebook-settings.php in the Nextend Facebook Connect plugin before 1.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the fbloginbutton parameter in a newfbupdateoptions action...
CVE-2014-8800
CVE-2014-8800 is a cross-site scripting (XSS) vulnerability in the Nextend Facebook Connect WordPress plugin prior to 1.5.1. The issue affects nextend-facebook-settings.php via the fb_login_button parameter in a newfb_update_options action, enabling remote injection of arbitrary HTML/script. Publ...
WordPress Nextend Facebook Connect Plugin 1.4.59 - XSS
Because of a cross-site scripting vulnerability in Nextend Facebook Connect plugin, anyone can change plugin settings. Solution Update the plugin to version 1.5.1...
WordPress Plugin Nextend Facebook Connect 1.4.59 - Cross-Site Scripting
WordPress Plugin Nextend Facebook Connect 1.4.59 - Cross-Site Scripting Exploit Title: Nextend Facebook Connect 1.4.59 XSS Date: 16-10-2014 Exploit Author: Kacper Szurek - http://security.szurek.pl/ http://twitter.com/KacperSzurek Software Link:...