all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Wordfence Firewall Blocks Bizarre Large-Scale XSS Campaign

Add to bookmarks
May 24, 2023, 8:05 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

The Wordfence Threat Intelligence team has been monitoring an increase in attacks targeting a Cross-Site Scripting vulnerability in Beautiful Cookie Consent Banner, a WordPress plugin installed on over 40,000 sites. The vulnerability, which was fully patched in January in version 2.10.2, offers unauthenticated attackers the ability to add malicious JavaScript to a website, potentially allowing redirects to malvertizing sites as well as the creation of malicious admin users, both of which are appealing use cases for attackers.


All Wordfence sites, …

attackers attacks campaign consent cookie cookie consent banner cross-site firewall intelligence january javascript large malicious monitoring plugin scale scripting targeting team threat threat intelligence version vulnerability website wordfence wordpress wordpress plugin xss

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Change Healthcare hasn't given VA details on hack-impacted veterans, top lawmaker says 15 hours ago | malware.news
change change healthcare hack healthcare +4
Two years in, Google says passkeys now protect more than 400 million accounts 16 hours ago | malware.news
account accounts article google +7
CVE-2024-2887: A Pwn2Own Winning Bug in Google Chrome 16 hours ago | malware.news
blog browsers bug chrome +19
How to Talk to The Board About Exposure 16 hours ago | malware.news
topic
Pro-Russia hackers target OT weaknesses in critical infrastructure 16 hours ago | malware.news
american article breaches critical +21
Watch out for tech support scams lurking in sponsored search results 17 hours ago | malware.news
blog blog post campaign home +12
Threat Intelligence Snapshot: Week 18, 2024 17 hours ago | malware.news
access amp april find +13
CISA: Immediate GitLab account takeover flaw remediation crucial amid attacks 17 hours ago | malware.news
account account takeover agency article +30
Increased stealth introduced in updated Zloader malware 17 hours ago | malware.news
analysis anti-analysis article banking +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Data Privacy Manager m/f/d)

@ Coloplast | Hamburg, HH, DE
View on infosec-jobs.com

Cybersecurity Sr. Manager

@ Eastman | Kingsport, TN, US, 37660
View on infosec-jobs.com

KDN IAM Associate Consultant

@ KPMG India | Hyderabad, Telangana, India
View on infosec-jobs.com

Learning Experience Designer in Cybersecurity (f/m/div.) (Salary: ~113.000 EUR p.a.*)

@ Bosch Group | Stuttgart, Germany
View on infosec-jobs.com

Senior Security Engineer - SIEM

@ Samsara | Remote - US
View on infosec-jobs.com
View more jobs