Get a Pentest and security assessment of your IT network.

News

Stored XSS in WP Product Review Lite plugin allows for automated takeovers

A critical flaw in the WP Product Review Lite plugin installed on over 40,000 WordPress sites could potentially allow attackers to take over. The vulnerability was discovered by researchers at Sucuri Labs, it is a persistent XSS that could be exploited by remote, unauthenticated attackers. A successful attack results in malicious scripts being injected in all the sites products. The plugin was reported to the plugin developers on May 13, and it was fixed in only 24 hours, on May 14, 2020. At the time of writing, more than 7,000 users have already fixed their plugin.”]

Source: https://securityaffairs.co/wordpress/103369/breaking-news/wp-product-review-lite-xss.html

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Botnet authors use Evernote account as C&C Server

News

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2