XSS Vulnerability in Popular WordPress Plugin Affects 2 Million Sites
XSS Vulnerability in Popular WordPress Plugin Affects 2 Million Sites
Threat Level
Vulnerability Report
For a detailed threat advisory, download the pdf file here
Summary
A Cross-Site scripting vulnerability has been discovered in an Advanced Custom Fields plugin for WordPress which has put 2 Million websites at risk.
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.