Beaver Builder is a popular plugin that allows anyone to create a professional looking website using an easy to use drag and drop interface. Users can start with a predesigned template or create a ...

WordPress announced a security update to fix two vulnerabilities that could provide an attacker with the opportunity to stage a full site takeover. Among the two vulnerabilities, the most serious one ...

An undisclosed Cross-Site Scripting (XSS) vulnerability in Apache Velocity Tools can be exploited by unauthenticated attackers to target government sites, including NASA and NOAA. Although 90 days ...

The WordPress team fixed a software flaw introduced in the 5.1 release that could allow potential attackers to perform stored cross-site scripting (XSS) attacks with the help of maliciously crafted ...

A cross-site scripting vulnerability in Microsoft Office 365 casts attention on the need to shore up the security of cloud-based enterprise applications. A researcher in the UK disclosed the details ...

Researchers found 50 cross site scripting vulnerabilities in the popular open source shopping cart application Zen Cart. Popular open source shopping cart app Zen Cart is warning its users of dozens ...

TweetDeck, a popular tool for Twitter power users, has announced that it has fixed the XSS vulnerability used in a hack that took place this morning and that users should log out and log back in to ...

If you’re using Skype for iOS on your iPhone or iPod touch, consider yourself warned: a cross-site scripting vulnerability looms in the “Chat Message” window in version 3.0.1 and earlier versions. The ...

First disclosed on February 19, 2020, by a bug bounty hunter who goes by the name "Cr33pb0y" on HackerOne, the vulnerability is described as a "reflected XSS and CSP bypass" issue. The bug was found ...

Evernote has patched a flaw in the Microsoft Windows version of the app which permitted stored XSS attacks to occur. The vulnerability, CVE-2018-18524, has been resolved in Evernote for Windows 6.16.1 ...