Unpatched WordPress Plugin Code-Injection Bug Afflicts 50K Sites

5 February 2021

A security bug in Contact Form 7 Style, a WordPress plugin installed on over 50,000 sites, could allow for malicious JavaScript injection on a victim website. The latest WordPress plugin security vulnerability is a cross-site request forgery (CSRF) to stored cross-site scripting (XSS) problem in Contact Form 7 Style, which is an add-on to the well-known Contact Form 7 umbrella plugin.

Read full article on Threat Post

Date:

5 February 2021

Categorie(s):

NEWS

Tag(s):

Bug, Plugins, Security Pro, Sites, Vulnerability

Hackers make millions of attempts to exploit WordPress plugin vulnerability26 April 2024
Cybersecurity provider Darktrace to be acquired by Thoma Bravo for $5.3B26 April 2024
BeyondTrust Report: Microsoft Security Vulnerabilities Decreased by 5% in 202326 April 2024
Kaiser Permanente shared 13.4M people’s data with Microsoft Bing, Google, others26 April 2024
Discover How DeepL Write Pro Enhances Accuracy and Security26 April 2024