Hackers have been spotted targeting websites running unpatched versions of the WordPress plugin Abandoned Cart for WooCommerce.
Tag Archives: XSS
Flash “security bypass” list hidden in Microsoft Edge browser
Until this month, the Edge browser could bypass its own warnings about Flash content on 58 websites, thanks to a hidden list.
YouTube is reading text in users’ videos
Google keeps tabs on much of your activity. Now, it turns out that its YouTube service is also reading what’s in your videos too.
Update now! WordPress 5.0.1 release fixes seven flaws
Don’t delay, update your WordPress website today.
Serious XSS flaw discovered in Evernote for Windows, update now!
Online-note-sharing company Evernote has patched a hole that allowed attackers to infect notes shared via its service.
Serious XSS vulnerability discovered in Signal
Researchers have discovered a serious cross-site scripting (XSS) vulnerability affecting all desktop versions of Edward Snowden’s favourite security application, Signal.
LinkedIn patches serious leak in its AutoFill plugin
Anyone could have drained their users’ LinkedIn profile data
PayPal patches potential payment-stealing vulnerability
An XSS hole could apparently have allowed a crook to pop up a realistic PayPal “pay page” and steal the victim’s card data. Paul Ducklin takes a look…
WordPress 4.2.3 is out, update your website now
If you manage a website that utilizes WordPress – update now! The latest version has been released and includes a fix for a cross-site scripting (XSS) vulnerability that your website could do without.
Google Chrome “bad link” detection bypass – found, fixed
Here’s a small and simple XSS detection hole in Google Chrome – a reminder that even determined programmers sometimes overlook the obvious.