eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More Cross-site scripting (XSS) attacks have become one of the ...

Attackers used SQL injection and cross-site scripting (XSS) to target at least 65 job-recruitment and retail websites with legitimate penetration-testing tools, stealing databases containing more than ...

Vulnerabilities were recently discovered in the popular AMP for WP plugin that allows any registered user to perform administrative actions on a WordPress site. It has now been discovered that an ...

The National Vulnerability Database announced that a popular Google Analytics WordPress plugin installed in over 3 million was discovered to contain a Stored Cross-Site Scripting (XSS) vulnerability.

The issue in the Rich Reviews plugin is being actively exploited. An unpatched vulnerability in the Rich Reviews plugin for WordPress is putting an estimated 16,000 sites in danger of stored ...

Cross-site scripting is a web application vulnerability which allows attackers to execute arbitrary code client-side in a victim's browser, which can lead to browser session hijacking or the theft of ...

Canadian researchers have built a set of free exploit tools for Web applications that run as Firefox browser plug-ins; the so-called ExploitMe suite includes tools for cross-site scripting (XSS) and ...

Valve has reportedly fixed an HTML injection flaw in CS2 that was heavily abused today to inject images into games and obtain other players' IP addresses. While initially thought to be a more severe ...