cleantalk
Vulnerabilities and Security Researches

Nextend Social Login and Register, CVE-2014-8800

CVE, Research URL

CVE-2014-8800

Home page URL

Security reports for Nextend Social Login and Register

Application

Nextend Social Login and Register

Published on
Dec 05, 2014
Research Description
Cross-site scripting (XSS) vulnerability in nextend-facebook-settings.php in the Nextend Facebook Connect plugin before 1.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the fb_login_button parameter in a newfb_update_options action.
Affected versions
max 1.5.1.
Status
vulnerable
Previous vulnerability researches
Nextend Social Login and Register (CVE-2014-8800) , Jun 07, 2024
Nextend Social Login and Register (CVE-2015-4413) , Jun 07, 2024
Nextend Social Login and Register (9d33cb45c6b99122e0c0e635939fd5605cfcfc48) , Jun 16, 2026
Nextend Social Login and Register (CVE-2024-1775) , Jun 07, 2024
Nextend Social Login and Register (281fe3cc-7079-403e-83d6-8b7e8811edbc) , Jun 16, 2026
New vulnerability
Ethereum Wallet (6d8910c719b2a132ec93828cd37e418b19cac960) , Jun 16, 2026
Ethereum Wallet (4630a7917dc00bb0523f4eadda31d374d3778c37) , Jun 16, 2026
Debug Bar – Enable WP_DEBUG from admin dashboard (ab5bf8f0b6e5857005818027b088dbbda4126789) , Jun 16, 2026
AI Engine (7f5449dc8d09819a2b897628d4142dd44c0ac3e9) , Jun 16, 2026
AI Engine (21a6533cf7116e730acb86ec7750d660dce20694) , Jun 16, 2026