Threat Post

Unpatched Bug Under Active Attack Threatens WordPress Sites with XSS

The issue in the Rich Reviews plugin is being actively exploited. An unpatched vulnerability in the Rich Reviews plugin for WordPress is putting an estimated 16,000 sites in danger of stored ...
Bleeping Computer

Active XSS Attacks Targeting Amp for WP WordPress Plugin

Vulnerabilities were recently discovered in the popular AMP for WP plugin that allows any registered user to perform administrative actions on a WordPress site. It has now been discovered that an ...
Threat Post

WordPress WP Live Chat Support Plugin Fixes XSS Flaw

A cross-site scripting flaw in a popular WordPress plugin enables an unauthenticated attacker to insert JavaScript payloads into impacted websites. For the second time this month a patch has been ...
Searchenginejournal.com

WordPress AMP Plugin Vulnerability Affects Up To 100,000+ Sites

A cross-site scripting (XSS) is one of the most frequent kind of vulnerability. In the context of WordPress plugins, XSS vulnerabilities happen when a plugin has a way to input data that isn’t ...
Searchenginejournal.com

Vulnerability in WordPress Google Analytics Plugin Hits +3 Million Websites

The National Vulnerability Database announced that a popular Google Analytics WordPress plugin installed in over 3 million was discovered to contain a Stored Cross-Site Scripting (XSS) vulnerability.