More WordPress Plugin Weakness-Vulnerability
Sucuri blog has the detailed information: https://blog.sucuri.net/2015/05/jetpack-and-twentyfifteen-vulnerable-to-dom-based-xss.html In short, the plugins Jetpack and TwentyFifteen had a bad file which could be attacked by a XSS(Cross Site Scripting) method. As Sucuri blog mentions the attack is actually DOM(Domain Object Model)-based XSS, which even a WAF(Web Application Firewall) cannot see this. Of course it has to … Read more