WordPress security: CookieYes GDPR plugin patches XSS bug following large-scale PHP audit

[ad_1]

Researchers claim five plugins use function insecurely – but some maintainers disagree

ddd

UPDATED A hugely popular GDPR compliance plugin for WordPress contained an authenticated, persistent cross-site scripting (XSS) vulnerability related to the insecure use of PHP’s function, according to security researchers.

As a result, the CookieYes GDPR Cookie Consent & Compliance Notice plugin, which has more than one million active installations, no longer uses the function in the shortcodes module, as per a software update released today (September…

[ad_2]
More Info

About mblog.my

Check Also

Adding Images From Your Phone With Ease – WordPress.com News

Adding Images From Your Phone With Ease – WordPress.com News

[ad_1] We’re excited to share a new feature in the desktop editor and Jetpack mobile …

Leave a Reply

Your email address will not be published. Required fields are marked *