Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities | allinfosecnews.com

May 30, 2024, 1:49 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

Cybersecurity researchers have warned that multiple high-severity security vulnerabilities in WordPress plugins are being actively exploited by threat actors to create rogue administrator accounts for follow-on exploitation.
"These vulnerabilities are found in various WordPress plugins and are prone to unauthenticated stored cross-site scripting (XSS) attacks due to inadequate input sanitization

accounts actively exploited administrator attacks cross-site cross-site scripting (xss) attacks cybersecurity exploitation exploited found high input plugin plugins plugin vulnerabilities researchers rogue scripting security severity threat threat actors unauthenticated uncover vulnerabilities wordpress wordpress plugin wordpress plugins xss

More from thehackernews.com / The Hacker News

GootLoader Malware Still Active, Deploys New Versions for Enhanced Attacks 2 hours ago | thehackernews.com

analysis attacks compromised cybereason +9

Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies 6 hours ago | thehackernews.com

attack censys companies domain +15

New Golang-Based Zergeca Botnet Capable of Powerful DDoS Attacks 7 hours ago | thehackernews.com

attacks botnet called command +13

Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus 1 day, 2 hours ago | thehackernews.com

arbitrary code attackers automation can +20

Brazil Halts Meta's AI Data Processing Amid Privacy Concerns 1 day, 4 hours ago | thehackernews.com

ai data algorithms anpd artificial +21

Global Police Operation Shuts Down 600 Cybercrime Servers Linked to Cobalt Strike 1 day, 7 hours ago | thehackernews.com

attack cobalt cobalt strike coordinated +15

Twilio's Authy App Breach Exposes Millions of Phone Numbers 1 day, 7 hours ago | thehackernews.com

accept accounts app authy +18

The Emerging Role of AI in Open-Source Intelligence 2 days ago | thehackernews.com

can digital director director of national intelligence +16

Microsoft MSHTML Flaw Exploited to Deliver MerkSpy Spyware Tool 2 days, 1 hour ago | thehackernews.com

called campaign canada capture +22

Sr. Staff Solution Engineer

@ SentinelOne | India

View on infosec-jobs.com

Senior DevOps Engineer

@ Kontakt.io | remote in Poland

View on infosec-jobs.com

Account Executive

@ Darktrace | Munich

View on infosec-jobs.com

Professional Services Engineer

@ Nozomi Networks | Chile

View on infosec-jobs.com

Professional Services Engineer

@ Nozomi Networks | Mexico

View on infosec-jobs.com

Professional Services Engineer

@ Nozomi Networks | Costa Rica

View on infosec-jobs.com