According to an article on the Sucuri blog today, there is an extremely widespread security vulnerability in many WordPress plugins. The vulnerability seems to be the result of a breakdown in communication, where developers expected a set of core WordPress functions to do one thing, when it actually does another. Essentially, most plugin developers (including those […]
Potential Cross-Site Scripting Vulnerability in jQuery Scripts
October 4, 2014 by Leave a Comment
A few days ago, Eric A Mann posted an article explaining a potential XSS vulnerability in various jQuery scripts. The basic premise is that a very common coding practice in jQuery (checking to see if an element exists before trying to use it) could lead to an XSS attack. Essentially, if you use jQuery to […]