[SECURITY - NEWS] XSS Vulnerability Patched in SEOPress Affects 100,000 sites

only works if you allow registrations on the site. the attacker at least needs a valid user account (subscriber level is the minimum).
so if you have a blog without allowing registrations it can't be exploited.
There will not be serious problems, but it is still useful to update.
well if you allow users to register then it could be harmful. someone could hijack all traffic, or push malware etc. as javascript can be injected and you can do a lot of things with js.
in combination with other bugs it could even lead to full compromise of the site/server.
 
Back
Top
AdBlock Detected

We get it, advertisements are annoying!

Sure, ad-blocking software does a great job at blocking ads, but it also blocks useful features and essential functions on BlackHatWorld and other forums. These functions are unrelated to ads, such as internal links and images. For the best site experience please disable your AdBlocker.

I've Disabled AdBlock