The bug would allow a number of malicious actions, up to and including full site takeover. The vulnerable plugin is installed on 100,000 websites. A stored cross-site scripting (XSS) vulnerability in the SEOPress WordPress plugin could allow attackers to inject arbitrary web scripts into websites, researchers said. SEOPress is a search engine optimization (SEO) tool that lets site… Source link
Read More »XSS Bug in SEOPress WordPress Plugin Allows Full Site Takeover – Threatpost
