A handful of bugs, mostly XSS and CSRF vulnerabilities, have been plaguing at least eight different Wordpress plugins as of late. A smattering of bugs, mostly cross-site scripting (XSS) and cross-site ...

A new WordPress update, pushed this week, resolves eight security issues, including a handful of XSS and CSRF bugs. WordPress developers are encouraging users of the content management system to apply ...

Cross-site scripting (XSS) is the most rewarding security vulnerability, according to data on the number of bug bounties paid. According to HackerOne’s top 10 most impactful security vulnerabilities, ...

The U.S. Government National Vulnerability Database published warnings of multiple vulnerabilities affecting WordPress. There are multiple kinds of vulnerabilities affecting WordPress, including a ...

After Cross Site Scripting (XSS), the second most common web application security exploit is probably one you haven’t heard of: Cross Site Request Forgery (or CSRF for short). This little-known but ...

If you think Cross-Site Request Forgery (CSRF) vulnerabilities aren't easy to find or exploit on your Website, think again. A researcher has released a tool that makes it easier to test sites for CSRF ...

It’s common knowledge that images make webpages, email footers and other similar elements more presentable and attractive. But a simple image containing a malicious link can be a serious threat. For ...

While they may not pack the same punch or crop up at the same frequency as injection or cross site scripting attacks, cross site request forgery (CSRF) attacks should still be very much on the radar ...

The Ninja Forms WordPress plugin harbored a severe security flaw that could be used for website takeover through the creation of new administrator accounts. Ninja Forms is a drag-and-drop contact form ...

WordPress has a new security update for its content management platform. Don't wait for attackers to launch attacks before updating to version 4.7.3 It’s been a bad few weeks to be a WordPress ...