Zero-Day Stored XSS in Social Warfare

Zero-Day Stored XSS in Social Warfare

A zero-day vulnerability has just appeared in the WordPress plugin world, affecting over 70,000 sites using the Social Warfare plugin.

The plugin is vulnerable to a Stored XSS (Cross-Site Scripting) vulnerability and has been removed from the plugin repository. Attacks can be conducted by any users visiting the site.

A patch has been released and users are advised to update to version 3.5.3 as soon as possible.

What Is It All About?

Continue reading Zero-Day Stored XSS in Social Warfare at Sucuri Blog.

Via Sucuri.net

Tags: ,