Tag: stored XSS

WordPress Plugin Starter Templates Stored Cross-Site Scripting (XSS) Vulnerability Impacts Over Million Sites (CVE-2021-42360)

Posted by Author Diksha Ojha on Posted on

Astra Theme’s WordPress plugin fixed an XSS vulnerability that could lead to total site takeover and attacks on visitors.      A vulnerability in the Starter Templates – Elementor, Gutenberg, and Beaver Builder Templates plugin can allow contributor-level users to entirely replace any page on the site and implant malicious JavaScript at any time.    This vulnerability was first discovered … Continue reading “WordPress Plugin Starter Templates Stored Cross-Site Scripting (XSS) Vulnerability Impacts Over Million Sites (CVE-2021-42360)”

Zero-days in WordPress Plugins 2020

Posted by Author Dhiren Vaghela on Posted on

Summary: During the past two weeks, we’ve seen a resurgence in attacks against WordPress plugins. Most of them have been briefed in below section. Description: Lets try to understand those 8 vulnerable plugins one by one. Duplicator Duplicator is one of the most popular plugins on the WordPress portal, with more than one million installs … Continue reading “Zero-days in WordPress Plugins 2020”