WordPress fixed three security issues, including a XSS and SQL injection, with WordPress 4.7.2 this week.
A new WordPress update, pushed this week, resolves eight security issues, including a handful of XSS and CSRF bugs.
Researchers found a third of the top WordPress e-commerce plugins contain severe vulnerabilities tied to XSS cross-site scripting, SQL injection and file manipulation flaws.
Developers with WordPress are strongly encouraging users of the content management system to update to the most recent version, 4.6.1, released on Wednesday.
Domain registrar GoDaddy fixed a vulnerability affecting systems used by its customer support agents that could have been abused to take over, modify or delete accounts.
Magento patched 20 flaws last week, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site.
A researcher earned a $10,000 bounty from Yahoo for a stored cross-site scripting vulnerability in Yahoo Mail.
Developers at WordPress are warning users of the content management system to download and apply the most recent update, pushed yesterday, to address a cross-site scripting vulnerability.
Rapid7 has reported and disclosed a half-dozen XSS and SQL injection flaws in popular network management systems, all of which can be reached via SNMP.
LinkedIn fixed a persistent cross site scripting vulnerability in its site this week that could have spread a worm on the service’s help forums.