cleantalk
Vulnerabilities and Security Researches

Nextend Social Login and Register, CVE-2015-4413

CVE, Research URL

CVE-2015-4413

Home page URL

Security reports for Nextend Social Login and Register

Application

Nextend Social Login and Register

Published on
Jun 24, 2015
Research Description
Cross-site scripting (XSS) vulnerability in the new_fb_sign_button function in nextend-facebook-connect.php in Nextend Facebook Connect plugin before 1.5.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirect_to parameter.
Affected versions
max 1.5.6.
Status
vulnerable
Previous vulnerability researches
Nextend Social Login and Register (CVE-2014-8800) , Jun 07, 2024
Nextend Social Login and Register (CVE-2015-4413) , Jun 07, 2024
Nextend Social Login and Register (9d33cb45c6b99122e0c0e635939fd5605cfcfc48) , Jun 16, 2026
Nextend Social Login and Register (CVE-2024-1775) , Jun 07, 2024
Nextend Social Login and Register (281fe3cc-7079-403e-83d6-8b7e8811edbc) , Jun 16, 2026
New vulnerability
JS Job Manager (4e1f7d7c-f78d-4e4d-be5c-01af042026b8) , Jun 16, 2026
JS Job Manager (a69933112186b63bc095eca706b7fe40c213989a) , Jun 16, 2026
Ethereum Wallet (6d8910c719b2a132ec93828cd37e418b19cac960) , Jun 16, 2026
Ethereum Wallet (4630a7917dc00bb0523f4eadda31d374d3778c37) , Jun 16, 2026
Debug Bar – Enable WP_DEBUG from admin dashboard (ab5bf8f0b6e5857005818027b088dbbda4126789) , Jun 16, 2026