The article details the discovery of an Unauthenticated Stored XSS vulnerability in the Popup Builder WordPress plugin. This vulnerability allows an unauthenticated attacker to inject arbitrary JavaScript, which will be executed when a user accesses an injected page....
The article is an announcement from Wordfence about the launch of their bug bounty program. The bug bounty program will offer a 10% bonus on all awarded bounties for the first 6 months. Additionally, the article provides a weekly vulnerability report, detailing the...
WordPress 6.4.2 was released on December 6, 2023, to address a Critical-Severity vulnerability that could allow attackers to execute arbitrary PHP code on WordPress sites. This patch was released to fix a POP chain introduced in version 6.4, which when combined with a...
The Wordfence Threat Intelligence team recently uncovered several vulnerabilities in the AI ChatBot WordPress plugin, which has over 4,000 active installations. After initiating the responsible disclosure process, the team received a prompt response from the plugin...
Loading...
