Wednesday, June 1, 2016

Stored XSS in Jetpack Plugin Puts Over One Million #WordPress Sites at Risk

Stored XSS in Jetpack Plugin Puts Over One Million WordPress Sites at Risk Automattic fixed a dangerous cross-site scripting (XSS) vulnerability in the Jetpack plugin affecting over one million sites that have this plugin installed. Jetpack is a free module provided by Automattic, the makers of WordPress, which adds features ... read moreFlaw in popular WordPress plug-in Jetpack puts over a million websites at risk ... WordPress.com and the WordPress open-source project, and has over 1 million active installations. Researchers from Web security firm Sucuri have found a stored cross-site scripting (XSS) vulnerability that affects all Jetpack releases since 2012 ... read more

WordPress plug-in flaw puts over 1M websites at risk ... WordPress.com and the WordPress open-source project, and has over 1 million active installations. Researchers from Web security firm Sucuri have found a stored cross-site scripting (XSS) vulnerability that affects all Jetpack releases since 2012 ... read moreStored XSS vulnerability identified in Jetpack plugin for WordPress The Jetpack plugin opens ... has more than a million active downloads. The stored XSS bug puts any affected WordPress website at risk of being completely taken over. The issue was fixed earlier this week with the release of Jetpack 3.7.1 and 3.7.2, but ... read moreWordPress Vulnerability Puts Millions of Websites At Risk JetPack is a popular WordPress plugin with more than 1 Million download ... In this proof of concept, the XSS printed a javascript alert, but could be used to execute javascript in your browser and take over the site if you are logged in as admin." read moreCritical XSS Vulnerability in WordPress Puts Millions of Websites at Risk The vulnerability lies in the Twenty Fifteen theme and plugin, which is installed in new WordPress sites ... the JetPack plugin offered by WordPress, is also vulnerable to the DOM-based XSS flaw. Currently, Jetpack is being used on over one million ... read moreWordPress Sites Backdoored, Leaking Credentials The researchers also released a partial list of compromised WordPress sites: "When unsuspecting users attempt to login to one ... put personal information at risk. Another XSS issue was also found in Genericons, an icon package used by the Jetpack plugin ... read moreHow the WordPress XSS vulnerability was patched so quickly David Dede, a malware researcher with Sucuri Inc., wrote about vulnerabilities in at least two WordPress plug-ins that could lead to XSS exploits ... other is JetPack, a popular customization and performance plug-in that has more than one million active ... read moreWordPress patches critical XSS vulnerability "The attacker can supply any attributes in the allowed HTML tags, in the same way as with the two recently published stored XSS vulnerabilities affecting the WordPress core," he wrote. Versions 3.9.3, 4.1.1 ... by around 75 million sites worldwide ... read more

Buy AutoTrafficRSS script now for $27 only!

We will send the script to your PayPal email within few hours,Please add FullContentRSS@gmail.com to your email contact.
Source: Stored XSS in Jetpack Plugin Puts Over One Million #WordPress Sites at Risk

No comments:

Post a Comment