A new type of cross-site scripting (XSS) attack that exploits commonly used network administration tools could be putting users' data at risk, a researcher says. Tyler Reguly, lead security research ...

A popular WordPress anti-malware plugin was discovered to have a reflected cross-site scripting vulnerability. This is a type of vulnerability that can allow an attacker to compromise an administrator ...

Automattic has patched a reflected cross-site scripting vulnerability in the WooCommerce WordPress plugin. An extension of the WooCommerce WordPress plugin, used by 28 percent of all online stores, ...

TikTok has patched a reflected XSS security flaw and a bug leading to account takeover impacting the firm's web domain. Reported via the bug bounty platform HackerOne by researcher Muhammed "milly" ...

IBM fixed a cross-site scripting vulnerability in its Worklight and MobileFirst products that could have let an attacker steal sensitive information. IBM fixed a cross-site scripting vulnerability in ...

In cyber security, attention is concentrated on the new -- zero-day exploits, for example, are big news and big business. But old threats can still cause big problems for organizations, even when the ...

A critical security vulnerability in Essential Addons for Elementor has been identified, potentially impacting over two million WordPress websites. The flaw, a reflected cross-site scripting (XSS) ...

WordPress announced the 6.5.2 Maintenance and Security Release update that patches a store cross site scripting vulnerability and fixes over a dozen bugs in the core and the block editor. The same ...

First disclosed on February 19, 2020, by a bug bounty hunter who goes by the name "Cr33pb0y" on HackerOne, the vulnerability is described as a "reflected XSS and CSP bypass" issue. The bug was found ...

Cross-site scripting (XSS) is the most commonly exploited vulnerability, according to HackerOne, currently the largest platform aimed at connecting organisations with a community of white hat hackers ...