Open source bugs have skyrocketed, according to a report from WhiteSource, with XSS flaws account for a quarter of those bugs.
Tag Archives: cross-site scripting
XSS plugin vulnerabilities plague WordPress users
Thousands of active WordPress plugins have been hit with a swathe of XSS vulnerabilities that could give attackers complete control of the site.
Cookie-nabbing app could have served users side helping of XSS
A popular GDPR compliance WordPress plugin vendor has patched a flaw that rendered both site visitors and admins vulnerable to XSS attacks.
No surprises in the top 25 most dangerous software errors
An in-depth study of reported bugs has produced a list of the top 25 bug categories in software today – with some old familiar names topping the list.
Serious flaws in six printer brands discovered, fixed
There are many ways to compromise company data, but IT teams often overlook one of the most serious: the humble printer.
Google Chrome is ditching its XSS detection tool
Google’s throwing in the towel on XSS Auditor and putting its trust in Trusted Types instead.
Flaw in popular PDF creation library enabled remote code execution
A researcher has discovered a high-severity bug in a popular PHP library used for creating PDFs.
WordPress 5.1.1 patches dangerous XSS vulnerability
Researchers have offered more detail on a recently patched vulnerability that would allow an attacker to take over a WordPress site.
Update now! WordPress 5.0.1 release fixes seven flaws
Don’t delay, update your WordPress website today.
PayPal patches potential payment-stealing vulnerability
An XSS hole could apparently have allowed a crook to pop up a realistic PayPal “pay page” and steal the victim’s card data. Paul Ducklin takes a look…