4 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in the Tweet Blender plugin before 4.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tbtabindex parameter to wp-admin/options-general.php...
CVE-2013-6342
Cross-site scripting XSS vulnerability in the Tweet Blender plugin before 4.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tbtabindex parameter to wp-admin/options-general.php...
CVE-2013-6342
CVE-2013-6342 concerns a Cross-Site Scripting (XSS) in the WordPress Tweet Blender plugin prior to 4.0.2. The issue arises from insufficient sanitization of the tb_tab_index parameter submitted to /wp-admin/options-general.php, allowing a remote attacker to inject arbitrary script or HTML in the ...
WordPress Tweet Blender Plugin <= 4.0.1 - XSS
Because of this vulnerability, the attackers can inject arbitrary web script or HTML via the "tbtabindex" parameter to wp-admin/options-general.php. Solution Update the plugin...