Dark Reading

New Plug-ins Help Firefox Find XSS, SQL Injection

4:14 PM -- Two new Firefox plug-ins were released last month to assist developers and security professionals in testing for cross-site scripting (XSS) and SQL injection vulnerabilities. Even though ...
Dark Reading

ExploitMe: Free Firefox Plug-Ins Test Web Apps

Canadian researchers have built a set of free exploit tools for Web applications that run as Firefox browser plug-ins; the so-called ExploitMe suite includes tools for cross-site scripting (XSS) and ...
Threat Post

WordPress WP Live Chat Support Plugin Fixes XSS Flaw

A cross-site scripting flaw in a popular WordPress plugin enables an unauthenticated attacker to insert JavaScript payloads into impacted websites. For the second time this month a patch has been ...
Threat Post

Unpatched Bug Under Active Attack Threatens WordPress Sites with XSS

The issue in the Rich Reviews plugin is being actively exploited. An unpatched vulnerability in the Rich Reviews plugin for WordPress is putting an estimated 16,000 sites in danger of stored ...
Bleeping Computer

Active XSS Attacks Targeting Amp for WP WordPress Plugin

Vulnerabilities were recently discovered in the popular AMP for WP plugin that allows any registered user to perform administrative actions on a WordPress site. It has now been discovered that an ...
ZDNet

Critical XSS vulnerability patched in WordPress plugin GDPR Cookie Consent

Critical security issues caused by improper access controls in a WordPress plugin designed for GDPR cookie compliance have been resolved, but hundreds of thousands of websites may still be vulnerable ...