Security Risk: Dangerous Exploitation Level: Easy/Remote DREAD Score: 9/10 Vulnerability: Stored XSS Patched Version:  3.1.5 During a routine audit for our WAF, we discovered a critical stored XSS vulnerability affecting Akismet, a popular WordPress plugin deployed by millions of installs. Vulnerability Disclosure Timeline: October 2nd, 2015 – Bug discovered, initial report to Automattic security team October 5th, 2015
Read More

The post Security Advisory: Stored XSS in Akismet WordPress Plugin appeared first on Sucuri Blog.

Via Sucuri.net