A stored cross-site scripting (XSS) vulnerability in the iCloud domain has reportedly been patched by Apple. Bug bounty hunter and penetration tester Vishal Bharad claims to have discovered the ...

A flaw in two WordPress custom plug-ins leaves users vulnerable to cross-site scripting attacks (XSS), according to a recent report. The flaw, called CVE-2023-30777 was discovered on May 2 and was ...

Vulnerabilities were recently discovered in the popular AMP for WP plugin that allows any registered user to perform administrative actions on a WordPress site. It has now been discovered that an ...

Security researchers have found eight serious cross-site scripting (XSS) flaws in Azure HDInsight, a big data processing service powered by open-source technologies like Apache Hadoop, Spark, Hive and ...

The issue in the Rich Reviews plugin is being actively exploited. An unpatched vulnerability in the Rich Reviews plugin for WordPress is putting an estimated 16,000 sites in danger of stored ...

The bug in Edge’s auto-translate could have let remote attackers pull off RCE on any foreign-language website just by sending a message with an XSS payload. Microsoft patched two bugs in its ...

Site administrators still using the Rich Reviews plugin for WordPress are easy targets as hackers are currently exploiting an unpatched vulnerability for malvertising campaigns. Although the plugin ...

Evernote has patched a flaw in the Microsoft Windows version of the app which permitted stored XSS attacks to occur. The vulnerability, CVE-2018-18524, has been resolved in Evernote for Windows 6.16.1 ...

A new report reveals an increased number of attacks against WordPress sites, all of which exploit security flaws in popular plugins. Many of the attacks against WordPress sites last month involve ...

Detectify, the application security testing platform for evolving attack surface coverage, today announced the expansion of its AppSec platform to include advanced API scanning capabilities, providing ...