Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

80K Retail WooCommerce Sites Exposed by Plugin XSS Bug

Vulnerabilities

Cerberus last edited by

The Variation Swatches plugin security flaw lets attackers with low-level permissions tweak important settings on e-commerce sites to inject malicious scripts.

https://threatpost.com/retail-woocommerce-sites-plugin-xss-bug/176704/
DISCLAIMER: Please note, that this article is not the work of (or owned by) Hostrisk.com. Attribution and copyright of this article is retained in full by the original author referred to in the Source link above
1 Reply Last reply
Reply Quote 0

Suggested Topics

Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery
Vulnerabilities • vulnerabilities • • Cerberus

1

0
Votes

1
Posts

0
Views

December’s Patch Tuesday updates address six publicly known bugs and seven critical security vulnerabilities.

https://threatpost.com/exploited-microsoft-zero-day-spoofing-malware/177045/
BrakTooth Bluetooth Bugs Bite: Exploit Code, PoC Released
Vulnerabilities • vulnerabilities • • Cerberus

1

0
Votes

1
Posts

3
Views

CISA is urging vendors to patch, given the release of public exploit code & a proof of concept tool for bugs that open billions of devices – phones, PCs, toys, etc. – to DoS & code execution.

https://threatpost.com/braktooth-bluetooth-bugs-exploit-poc/176036/
Payment API Bungling Exposes Millions of Users’ Payment Data
Vulnerabilities • vulnerabilities • • Cerberus

1

0
Votes

1
Posts

6
Views

Misconfigured APIs make any app risky, but when you’re talking about financial apps, you’re talking about handing ne’er-do-wells the power to turn your pockets inside-out.

https://threatpost.com/payment-api-exposes-payment-data/174825/

1 / 1

80K Retail WooCommerce Sites Exposed by Plugin XSS Bug

Suggested Topics

Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery Vulnerabilities • vulnerabilities • • Cerberus

BrakTooth Bluetooth Bugs Bite: Exploit Code, PoC Released Vulnerabilities • vulnerabilities • • Cerberus

Payment API Bungling Exposes Millions of Users’ Payment Data Vulnerabilities • vulnerabilities • • Cerberus

Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery
Vulnerabilities • vulnerabilities • • Cerberus

BrakTooth Bluetooth Bugs Bite: Exploit Code, PoC Released
Vulnerabilities • vulnerabilities • • Cerberus

Payment API Bungling Exposes Millions of Users’ Payment Data
Vulnerabilities • vulnerabilities • • Cerberus