Top
item
Advertisement
image credit: Pixabay

Unpatched Bug Under Active Attack Threatens WordPress Sites with XSS

September 26, 2019

Via: Threat Post
Category:

An unpatched vulnerability in the Rich Reviews plugin for WordPress is putting an estimated 16,000 sites in danger of stored cross-site scripting (XSS) attacks.

Sites running the plugin are vulnerable to unauthenticated plugin option updates, which can be used to deliver malware payloads; and according to Wordfence, attacks are already happening in the wild.

Read More on Threat Post

RELATED PUBLICATIONS

Palo Alto Networks Warns of Exploited Firewall Vulnerability
Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software
API sprawl: navigating the web of connectivity and security challenges

Latest Publications

Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes
OpenAI’s GPT-4 can exploit real vulnerabilities by reading security advisories
Dangerous ICS Malware Targets Orgs in Russia and Ukraine
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!