2 matches found
CVE-2012-10015
CVE-2012-10015 affects the BestWebSoft Twitter Plugin for WordPress (versions up to 2.14). Affected is the function twttr_settings_page in twitter.php of the Settings Page component, where a cross-site request forgery (CSRF) vulnerability exists. The issue can be triggered remotely; upgrading to ...
CVE-2014-125103
The vulnerability CVE-2014-125103 affects the BestWebSoft Twitter Plugin for WordPress up to version 1.3.2. The issue resides in the function twttr_settings_page (twitter.php), where input manipulation of twttr_url_twitter, bws_license_key, or bws_license_plugin enables cross-site scripting (XSS)...