XSS vulnerability in popular WordPress plugin SEOPress could enable complete site takeover

[ad_1]

Security issue in CMS add-on has been patched

A cross-site scripting (XSS) vulnerability in a popular WordPress plugin could allow an attacker to completely take over a website

A cross-site scripting (XSS) vulnerability in a popular WordPress plugin could allow an attacker to completely take over a website, researchers have warned.

The flaw made it possible for an attacker to inject arbitrary web scripts on a vulnerable site, which would execute anytime a user accessed the ‘All Posts’ page.

The vulnerable plugin, SEOPress, is installed on more than 100,000 websites.

Researcher Chloe Chamberland, threat analyst at Wordfence, explained the security issue in a blog post.

Insecure…

[ad_2]
More Info

About mblog.my

Check Also

Adding Images From Your Phone With Ease – WordPress.com News

Adding Images From Your Phone With Ease – WordPress.com News

[ad_1] We’re excited to share a new feature in the desktop editor and Jetpack mobile …

Leave a Reply

Your email address will not be published. Required fields are marked *