1 results (0.022 seconds)

CVSS: 6.1EPSS: 0%CPEs: 72EXPL: 2

Cross-site scripting (XSS) vulnerability in the Tweet Blender plugin before 4.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tb_tab_index parameter to wp-admin/options-general.php. Vulnerabilidad de XSS en el plugin Tweet Blender anterior a la versión 4.0.2 para WordPress permite a atacantes remotos inyectar script web o HTML arbitrario a través del parámetro tb_tab_index a wp-admin/options-general.php. WordPress Tweet Blender plugin version 4.0.1 suffers from a cross site scripting vulnerability. • http://archives.neohapsis.com/archives/bugtraq/2013-11/0072.html http://secunia.com/advisories/55780 http://wordpress.org/plugins/tweet-blender/changelog https://www.htbridge.com/advisory/HTB23180 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •