Cookie-nabbing app could have served users side helping of XSS

Credit to Author: Danny Bradbury| Date: Fri, 14 Feb 2020 12:29:39 +0000

A popular GDPR compliance WordPress plugin vendor has patched a flaw that rendered both site visitors and admins vulnerable to XSS attacks.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/uCTRH0KiVPg” height=”1″ width=”1″ alt=””/>

Read more

WordPress sites hit by malvertising

Credit to Author: Danny Bradbury| Date: Thu, 07 Nov 2019 14:01:01 +0000

An old piece of malware is storming the WordPress community, enabling its perpetrators to take control of sites and inject code of their choosing.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/G42iCdpslDg” height=”1″ width=”1″ alt=””/>

Read more

Hackers are infecting WordPress sites via a defunct plug-in

Credit to Author: Danny Bradbury| Date: Thu, 26 Sep 2019 10:37:03 +0000

If you’re a Wordpress admin using a plug-in called Rich Reviews, you’ll want to uninstall it. Now.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/qE8j8GEJrAI” height=”1″ width=”1″ alt=””/>

Read more