Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-pv7x-62h4-fpxp

Опубликовано: 14 мая 2022
Источник: github
Github: Не прошло ревью

Описание

Cross-site scripting (XSS) vulnerability in the new_fb_sign_button function in nextend-facebook-connect.php in Nextend Facebook Connect plugin before 1.5.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirect_to parameter.

Cross-site scripting (XSS) vulnerability in the new_fb_sign_button function in nextend-facebook-connect.php in Nextend Facebook Connect plugin before 1.5.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirect_to parameter.

Ссылки

EPSS

Процентиль: 63%
0.0044
Низкий

CVE ID

CVE-2015-4413

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2015-4413

nvd
больше 10 лет назад

Cross-site scripting (XSS) vulnerability in the new_fb_sign_button function in nextend-facebook-connect.php in Nextend Facebook Connect plugin before 1.5.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirect_to parameter.

EPSS

Процентиль: 63%
0.0044
Низкий

CVE ID

CVE-2015-4413

Дефекты

CWE-79