Lucene search
+L

82 matches found

Cvelist
Cvelist
added 2023/03/23 11:28 a.m.18 views

CVE-2022-45843 WordPress Smart Slider 3 Plugin <= 3.5.1.9 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting vulnerability in Nextend Smart Slider 3 plugin = 3.5.1.9 versions...

5.4CVSS5.5AI score0.00383EPSS
Exploits0References1
NVD
NVD
added 2018/04/12 3:29 p.m.21 views

CVE-2015-4557

Cross-site scripting XSS vulnerability in the newTwittersignbutton function in nextend-Twitter-connect.php in the Nextend Twitter Connect plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirectto parameter. NOTE: this may overlap...

6.1CVSS6.2AI score0.0196EPSS
Exploits2References4
Prion
Prion
added 2018/04/12 3:29 p.m.23 views

Cross site scripting

Cross-site scripting XSS vulnerability in the newTwittersignbutton function in nextend-Twitter-connect.php in the Nextend Twitter Connect plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirectto parameter. NOTE: this may overlap...

4.3CVSS6.1AI score0.02719EPSS
Exploits3References4Affected Software1
CVE
CVE
added 2018/04/12 3:0 p.m.52 views

CVE-2015-4557

CVE-2015-4557 is an XSS vulnerability in the Nextend Twitter Connect WordPress plugin, present before version 1.5.2. The issue is triggered via the redirect_to parameter in the function new_Twitter_sign_button in nextend-Twitter-connect.php, allowing injection of arbitrary script/HTML. The relate...

6.1CVSS6.1AI score0.0196EPSS
Exploits2References4Affected Software1
Cvelist
Cvelist
added 2018/04/12 3:0 p.m.19 views

CVE-2015-4557

Cross-site scripting XSS vulnerability in the newTwittersignbutton function in nextend-Twitter-connect.php in the Nextend Twitter Connect plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirectto parameter. NOTE: this may overlap...

6.1AI score0.0196EPSS
Exploits2References4
WPVulnDB
WPVulnDB
added 2016/03/15 12:0 a.m.17 views

Nextend Facebook Connect <= 1.5.7 - Cross-Site Request Forgery (CSRF)

The Nextend Social Login and Register WordPress plugin was affected by a Cross-Site Request Forgery CSRF security vulnerability. PoC...

3.5AI score
Exploits0References1Affected Software1
CNVD
CNVD
added 2015/06/26 12:0 a.m.7 views

WordPress Plugin Nextend Facebook Connect 'new_fb_sign_button' Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platforms developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL.Nextend Facebook Connect is one of the Facebook login and registration plug-ins. A cross-site scripting vulnerability exist...

4.3CVSS5.9AI score0.02719EPSS
Exploits1References1
NVD
NVD
added 2015/06/24 2:59 p.m.21 views

CVE-2015-4413

Cross-site scripting XSS vulnerability in the newfbsignbutton function in nextend-facebook-connect.php in Nextend Facebook Connect plugin before 1.5.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirectto parameter...

4.3CVSS6.1AI score0.02719EPSS
Exploits1References5
Prion
Prion
added 2015/06/24 2:59 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in the newfbsignbutton function in nextend-facebook-connect.php in Nextend Facebook Connect plugin before 1.5.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirectto parameter...

4.3CVSS6.1AI score0.02719EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2015/06/24 2:0 p.m.50 views

CVE-2015-4413

The CVE-2015-4413 entry concerns the Nextend Facebook Connect WordPress plugin. A Cross-Site Scripting (XSS) vulnerability exists in the new_fb_sign_button function in nextend-facebook-connect.php that allows injection of arbitrary web script or HTML via the redirect_to parameter. Affected versio...

4.3CVSS6.1AI score0.02719EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2015/06/24 2:0 p.m.21 views

CVE-2015-4413

Cross-site scripting XSS vulnerability in the newfbsignbutton function in nextend-facebook-connect.php in Nextend Facebook Connect plugin before 1.5.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirectto parameter...

6.1AI score0.02719EPSS
Exploits1References5
WPVulnDB
WPVulnDB
added 2015/06/24 12:0 a.m.27 views

Nextend Facebook Connect <= 1.5.4 - Reflected Cross-Site Scripting (XSS)

The Nextend Social Login and Register WordPress plugin was affected by a Reflected Cross-Site Scripting XSS security vulnerability...

4.3CVSS1.8AI score0.02719EPSS
Exploits1References2Affected Software1
Packet Storm
Packet Storm
added 2015/06/24 12:0 a.m.41 views

WordPress Nextend Twitter Connect 1.5.1 Cross Site Scripting

Wordpress “Nextend Twitter Connect” =================================== Document Title: =============== WordPress “Nextend Twitter Connect” Plugin Version: 1.5.1 is vulnerable to Reflected XSS Cross Site Scripting Download URL: ============= https://wordpress.org/plugins/nextend-twitter-connect/...

6.4AI score0.0196EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2015/06/24 12:0 a.m.26 views

Nextend Twitter Connect <= 1.5.1 - Reflected Cross-Site Scripting (XSS)

The nextend-twitter-connect WordPress plugin was affected by a Reflected Cross-Site Scripting XSS security vulnerability...

4.3CVSS1.1AI score0.0196EPSS
Exploits2References2Affected Software1
NVD
NVD
added 2014/12/05 3:59 p.m.17 views

CVE-2014-8800

Cross-site scripting XSS vulnerability in nextend-facebook-settings.php in the Nextend Facebook Connect plugin before 1.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the fbloginbutton parameter in a newfbupdateoptions action...

4.3CVSS5.7AI score0.0377EPSS
Exploits3References4
Prion
Prion
added 2014/12/05 3:59 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in nextend-facebook-settings.php in the Nextend Facebook Connect plugin before 1.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the fbloginbutton parameter in a newfbupdateoptions action...

4.3CVSS6.2AI score0.0377EPSS
Exploits3References4Affected Software1
Cvelist
Cvelist
added 2014/12/05 3:0 p.m.23 views

CVE-2014-8800

Cross-site scripting XSS vulnerability in nextend-facebook-settings.php in the Nextend Facebook Connect plugin before 1.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the fbloginbutton parameter in a newfbupdateoptions action...

5.7AI score0.0377EPSS
Exploits3References4
CVE
CVE
added 2014/12/05 3:0 p.m.47 views

CVE-2014-8800

CVE-2014-8800 is a cross-site scripting (XSS) vulnerability in the Nextend Facebook Connect WordPress plugin prior to 1.5.1. The issue affects nextend-facebook-settings.php via the fb_login_button parameter in a newfb_update_options action, enabling remote injection of arbitrary HTML/script. Publ...

4.3CVSS5.9AI score0.0377EPSS
Exploits3References4Affected Software1
Patchstack
Patchstack
added 2014/12/02 12:0 a.m.23 views

WordPress Nextend Facebook Connect Plugin 1.4.59 - XSS

Because of a cross-site scripting vulnerability in Nextend Facebook Connect plugin, anyone can change plugin settings. Solution Update the plugin to version 1.5.1...

4.3CVSS2.5AI score0.0377EPSS
Exploits3References1Affected Software1
exploitpack
exploitpack
added 2014/12/02 12:0 a.m.16 views

WordPress Plugin Nextend Facebook Connect 1.4.59 - Cross-Site Scripting

WordPress Plugin Nextend Facebook Connect 1.4.59 - Cross-Site Scripting Exploit Title: Nextend Facebook Connect 1.4.59 XSS Date: 16-10-2014 Exploit Author: Kacper Szurek - http://security.szurek.pl/ http://twitter.com/KacperSzurek Software Link:...

4.3CVSS0.2AI score0.0377EPSS
Exploits3
Rows per page
Query Builder