Global CyberSecurity

Reflected XSS in WordPress Plugin Admin Pages


Last Updated on 09/08/2020 by OTC

The administrative dashboard in WordPress is a pretty safe place: Only elevated users can access it. Exploiting a plugin’s admin panel would serve very little purpose here — an administrator already has the required permissions to do all of the actions a vulnerability could cause.

While this is usually true, there are a number of techniques bad actors are using to trick an administrator into performing actions they would not expect, such as Cross Site Request Forgery (CSRF) or Clickjacking attacks.

Continue reading Reflected XSS in WordPress Plugin Admin Pages at Sucuri Blog.

Korea Aerospace Industries launch final assembly of KF-X fighter prototype

Previous article

Damen lays keel of the 2nd Inshore Patrol Vessel for the S.African Navy

Next article

You may also like


Comments are closed.