Get a Pentest and security assessment of your IT network.

Cyber Security

WordPress Plugin Bug Opens 100K Websites to Compromise

A CSRF bug in Real-Time Find and Replace, a WordPress plugin, could lead to cross-site scripting and the injection of malicious JavaScript anywhere on a victim site. A successful exploit of the bug would require a site s administrator to click on a malicious link in a comment or email. The malicious code injection could be used to create a new administrative user account, steal session cookies and steal session users to a malicious site, obtain administrative access or infect innocent visitors browsing a compromised site.

Source: https://threatpost.com/wordpress-plugin-bug-100k-websites-compromise/155230/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation