dcsimg

New Stored XSS Bug Hits bbPress WordPress Forums

By HTMLGoodies Staff

The stored XSS vulnerabilities allows an attacker to insert code in a Web platform  which gets "stored" in its database or backend and then is displayed to all subsequent visitors that access the affected page. These posts would be saved to the database and then listed for users viewing the respective thread. If the attacker had the necessary skills, they could craft malicious code that would allow them to steal cookies from moderators or forum admins and impersonate them on the underlying WordPress backend, accessing it with elevated privileges. Continue reading this story here



Make a Comment

Loading Comments...

  • Web Development Newsletter Signup

    Invalid email
    You have successfuly registered to our newsletter.

    By submitting your information, you agree that htmlgoodies.com may send you HTMLGOODIES offers via email, phone and text message, as well as email offers about other products and services that HTMLGOODIES believes may be of interest to you. HTMLGOODIES will process your information in accordance with the Quinstreet Privacy Policy.

  •  
  •  
  •  
Thanks for your registration, follow us on our social networks to keep up-to-date