Dark Reading

Tech Insight: XSS Exposed

SQL injection has been getting most of the attention lately, but the average SQL injection attack isn't nearly as sophisticated and difficult to pull off as a well-crafted cross-site scripting (XSS) ...
Bleeping Computer

WordPress custom field plugin bug exposes over 1M sites to XSS attacks

Security researchers warn that the 'Advanced Custom Fields' and 'Advanced Custom Fields Pro' WordPress plugins, with millions of installs, are vulnerable to cross-site scripting attacks (XSS). The two ...