WordPress Plugin WP Statistics Patches XSS Flaw

WordPress plugin WP Statistics has patched a cross-site scripting (XSS) vulnerability that could allow for full website takeover. The vulnerability stems from the plugin failing to sanitize or validate users IP address when it uses a header to identify their IP address. The plugin is made by VeronaLabs and has more than 500,000 active installations. A patch has been issued in version 12.6.7 that addresses the flaw. Researchers urged plugin users to update to the patched version.

Source: https://threatpost.com/wordpress-plugin-wp-statistics-patches-xss-flaw/146248/

Something Fresh

What to Know About The Jamaica Data Protection Act

St Vincent and the Grenadines embracing CariSECURE

Jamaica's Gov’t Looking to Finalize Data Protection Act Regulations

What People Reading

Feedback and data-driven updates to Googles disclosure policy

Mozilla Says Google's New Ad Tech - FLoC - Doesn't Protect User Privacy

Certificate Security in the Wild West

Selling technology to cops, part 2

This Week's TV: Felicia Day Plays a Hacker with a Dungeons and Dragons Tattoo

Categories

Partners

Just add here your partners image or promo text