9 matches found
EUVD-2014-4524
Malware in sbrugna...
Social Invitations Plugin for WordPress < 1.4.4.3 Cross-Site Scripting
The WordPress Social Invitations Plugin installed on the remote host is affected by a Cross-Site Scripting. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...
WordPress Social Invitations Plugin 'test.php' XSS Vulnerability
WordPress Social Invitations Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
WP Social Invitations <=1.4.4.2 - test.php Multiple Parameter Reflected XSS
The wp-social-invitations WordPress plugin was affected by a test.php Multiple Parameter Reflected XSS security vulnerability...
CVE-2014-4597
Cross-site scripting XSS vulnerability in test.php in the WP Social Invitations plugin before 1.4.4.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the xhrurl parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in test.php in the WP Social Invitations plugin before 1.4.4.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the xhrurl parameter...
CVE-2014-4597
Affected software: WordPress WP Social Invitations Plugin. Vulnerable component: test.php parameter handling (xhrurl) in versions before 1.4.4.3. Root cause: cross-site scripting (XSS) vulnerability allowing remote attackers to inject arbitrary script/HTML via the xhrurl parameter. Impact: potent...
CVE-2014-4597
Cross-site scripting XSS vulnerability in test.php in the WP Social Invitations plugin before 1.4.4.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the xhrurl parameter...
WordPress WP Social Invitations Plugin <= 1.4.4.2 - XSS
Because of this vulnerability in test.php, the attackers can inject arbitrary web script or HTML via the "xhrurl" parameter. Solution Update the plugin...