Security
Headlines
HeadlinesLatestCVEs

Tag

#wordpress

Scammers Are Scamming Other Scammers Out of Millions of Dollars

On cybercrime forums, user complaints about being duped may accidentally expose their real identities.

Wired
#xss#vulnerability#web#windows#google#git#wordpress#intel#backdoor
CVE-2022-43468: GitHub - cabrerahector/wordpress-popular-posts: WordPress Popular Posts - A highly customizable WordPress widget that displays your most popular posts.

External initialization of trusted variables or data stores vulnerability exists in WordPress Popular Posts 6.0.5 and earlier, therefore the vulnerable product accepts untrusted external inputs to update certain internal variables. As a result, the number of views for an article may be manipulated through a crafted input.

CVE-2022-40209: WordPress Importer plugin <= 1.0.2 - Reflected Cross-Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Xylus Themes WP Smart Import plugin <= 1.0.2 on WordPress.