Tag: Cross-Site Scripting
-
Buzzy New Social Media Site Pillowfort Is Riddled With Basic Bugs
“Such a silly mistake,” Jane Manchun Wong, an independent security researcher, told Motherboard in an online …
-
Critical WordPress-Plugin Bug Found in ‘Orbit Fox’ Allows Site Takeover
Two vulnerabilities (one critical) in a WordPress plugin called Orbit Fox could allow attackers to inject malicious code into vulnerable …
-
Facebook, News and XSS Underpin Complex Browser Locker Attack
A sophisticated “browser locker” campaign is spreading via Facebook, ultimately pushing a tech-support scam. The effort is more …
-
Post Grid WordPress Plugin Flaws Allow Site Takeovers
Two high-severity vulnerabilities in Post Grid, a WordPress plugin with more than 60,000 installations, opens the door to site takeovers, …
-
Newsletter WordPress Plugin Opens Door to Site Takeover
An XSS bug and a PHP object-injection vulnerability are present in a plugin used by hundreds of thousands of …
-
Meetup Critical Flaws Allow ‘Group’ Takeover, Payment Theft
A popular online social service, Meetup, has fixed several critical flaws in its website. If exploited, the flaws could have enabled …
-
Anti-phishing startup Inky raises $20M to ramp up enterprise adoption
Anti-phishing startup Inky has raised $20 million in its Series B round of funding, led by Insight Partners . The funding will help the …
-
Attackers Target 1M+ WordPress Sites To Harvest Database Credentials
Attackers were spotted targeting over one million WordPress websites in a campaign over the weekend. The campaign unsuccessfully attempted …
-
Security 101: Cross-Site Scripting
Cross-site scripting has been around longer than most security professionals have been on the job. Why is it still such an issue when we’ve …
-
Login with Facebook Bug Earns $20K Bounty
Facebook has awarded a security researcher $20,000 for discovering a cross-site scripting (XSS) vulnerability in the Facebook Login SDK, …
-
Open source bugs have soared in the past year
Open source bugs have skyrocketed in the last year, according to a report from open source licence management and security software vendor …
-
XSS plugin vulnerabilities plague WordPress users
Thousands of active WordPress plugins have been hit with a swathe of cross-site scripting (XSS) vulnerabilities that could give attackers …
●●●