CVE-2015-4413
The CVE-2015-4413 entry concerns the Nextend Facebook Connect WordPress plugin. A Cross-Site Scripting (XSS) vulnerability exists in the new_fb_sign_button function in nextend-facebook-connect.php that allows injection of arbitrary web script or HTML via the redirect_to parameter. Affected versio...