ThreatPress

WordPress Vulnerabilities Database

Back

WordPress WP-FB-AutoConnect Plugin <= 4.0.5 - Multiple Vulnerabilities

Product
WP-FB-AutoConnect
Description
This plugin is prone to a cross site request forgery and cross site scripting. Attackers can perform XSS attacks and change the plugins admin settings by tricking a logged in admin to visit a crafted page.
Solution
Upgrade this plugin.
Classification
Type Multi
References
Packet Storm Security
CVE
Name CVE-N/A
Versions
Affected In <= 4.0.5
Fixed In 4.0.6
Disclosure date
2014-12-14
Submitter
ThreatPress