Network World

XSS flaw in popular video-sharing site enabled DDoS attack through visitors’ browsers

Attackers exploited a vulnerability in a popular video-sharing site to hijack users’ browsers for use in a large-scale distributed denial-of-service attack, according to researchers from Web security ...
TechJuice

PTA Issues Cybersecurity Warning Over Vulnerable WordPress Plugins

PTA warns website admins of critical flaws in popular WordPress plugins, urging immediate updates to prevent CSRF and XSS ...

Beware of These Dangerous WordPress Plugins Infecting Pakistani Websites

The Pakistan Telecommunication Authority (PTA) has issued a cybersecurity advisory warning website administrators and developers about multiple ...

WPBakery WordPress Vulnerability Lets Attackers Inject Malicious Code

WPBakery is a drag-and-drop page builder plugin for WordPress that enables users to easily create custom layouts and websites ...
Bleeping Computer

CISA urges software devs to weed out XSS vulnerabilities

CISA and the FBI urged technology manufacturing companies to review their software and ensure that future releases are free of cross-site scripting vulnerabilities before shipping. The two federal ...
Searchenginejournal.com

WordPress AMP Plugin Vulnerability Affects Up To 100,000+ Sites

A cross-site scripting (XSS) is one of the most frequent kind of vulnerability. In the context of WordPress plugins, XSS vulnerabilities happen when a plugin has a way to input data that isn’t ...
Bleeping Computer

Netgear warns users to patch auth bypass, XSS router flaws

Netgear warned customers to update their devices to the latest available firmware, which patches stored cross-site scripting (XSS) and authentication bypass vulnerabilities in several WiFi 6 router ...
Computerworld

Can we please stop cross-site scripting attacks?

You’d think the Web designers and masters of a major presidential campaign site would get it right wouldn’t you? I mean, they’re running these sites to convince voters to get their person into the ...