As you may recall, back in June, Checkmarx disclosed multiple cross-site scripting (XSS) vulnerabilities impacting Drupal Core, listed as CVE-2020-13663,…
A prankster registered a British company name containing a cross-site scripting (XSS) attack. Hilarity ensued.
Loginizer, a popular plugin for protecting WordPress blogs from brute force attacks, has been found to contain its own severe…
October is National Cyber Security Awareness Month, and we’re back with analyst Antony Garand to take a deeper look into…
The administrative dashboard in WordPress is a pretty safe place: Only elevated users can access it. Exploiting a plugin’s admin…
The Checkmarx Security Research Team recently audited the security of several high-profile websites, including Meetup.com. For those who are not…
Tala’s Global Data at Risk: 2020 State of the Web Report indicates that sensitive data like PII and credit card…
Highlights for June 2020 Cross site scripting is still the most common vulnerability in WordPress Plugins. Bad actors are taking…
During a routine research audit for our Sucuri Web Application Firewall, we discovered a cross-site scripting (XSS) vulnerability affecting 100,000+…
During these difficult times, people are increasingly relying on e-commerce. It’s never been more important to defend against Magecart and…