WordPress fixed three security issues, including a XSS and SQL injection, with WordPress 4.7.2 this week.
Tag Archives: XSS
WordPress 4.7.1 Fixes CSRF, XSS, PHPMailer Vulnerabilities
A new WordPress update, pushed this week, resolves eight security issues, including a handful of XSS and CSRF bugs.
WordPress Plugins Leave Black Friday Shoppers Vulnerable
Researchers found a third of the top WordPress e-commerce plugins contain severe vulnerabilities tied to XSS cross-site scripting, SQL injection and file manipulation flaws.
WordPress Update Resolves XSS, Path Traversal Vulnerabilities
Developers with WordPress are strongly encouraging users of the content management system to update to the most recent version, 4.6.1, released on Wednesday.
GoDaddy Addresses Blind XSS Vulnerability Affecting Online Support
Domain registrar GoDaddy fixed a vulnerability affecting systems used by its customer support agents that could have been abused to take over, modify or delete accounts.
Magento Update Addresses XSS, CSRF Vulnerabilities
Magento patched 20 flaws last week, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site.
Critical Yahoo Mail Flaw Patched, $10K Bounty Paid
A researcher earned a $10,000 bounty from Yahoo for a stored cross-site scripting vulnerability in Yahoo Mail.
WordPress 4.4.1 Update Resolves XSS Vulnerability
Developers at WordPress are warning users of the content management system to download and apply the most recent update, pushed yesterday, to address a cross-site scripting vulnerability.
Critical Flaws Found in Network Management Systems
Rapid7 has reported and disclosed a half-dozen XSS and SQL injection flaws in popular network management systems, all of which can be reached via SNMP.
LinkedIn Fixes Persistent XSS Vulnerability
LinkedIn fixed a persistent cross site scripting vulnerability in its site this week that could have spread a worm on the service’s help forums.