Source |
Bleeping Computer |
Identifiant |
1077275 |
Date de publication |
2019-03-22 14:12:00 (vue: 2019-03-22 20:01:12) |
Titre |
Zero-Day WordPress Plugin Vulnerability Used to Add Malicious Redirects |
Texte |
WordPress websites using unpatched Social Warfare installations (v3.5.1 and v3.5.2) are exposed to attacks abusing a zero-day stored Cross-Site Scripting (XSS) vulnerability fixed in the 3.5.3 version of the plugin. [...] |
Envoyé |
Oui |
Condensat |
abusing add are attacks cross day exposed fixed installations malicious plugin redirects scripting site social stored unpatched used using version vulnerability warfare websites wordpress xss zero |
Tags |
Vulnerability
|
Stories |
|
Notes |
|
Move |
|
Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2019-03-24 11:01:03 |
(Déjà vu) WordPress Social Warfare plugin zero-day exploited in attacks (lien direct) |
A Cross-Site Scripting (XSS) vulnerability in Social Warfare installations (v3.5.1 and v3.5.2) is actively exploited to add malicious redirects. The vulnerability in the WordPress plugin has been fixed with the release of the 3.5.3 version of the plugin. Vulnerable versions of the Social Warfare plugin are currently installed on more than 70,000 websites. The plugin […]
|
Vulnerability
|
|
|