Threat Post

WordPress REST API Bug Could Be Used in Stored XSS Attacks

The recently patched REST API Endpoint vulnerability in WordPress could be leveraged to pull off stored cross-site scripting attacks. The recently patched WordPress REST API Endpoint vulnerability is ...
Bleeping Computer

WordPress Fixes Auto-Update and API Servers Security Flaws

The WordPress team has addressed a security flaw in the API servers responsible for the CMS' update mechanism, which if exploited, would have allowed an attacker to deploy backdoors and malware to 27% ...
Threat Post

20K WordPress Sites Exposed by Insecure Plugin REST-API

The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to XSS. More than 20,000 WordPress sites are vulnerable to malicious code injection, phishing ...
Bleeping Computer

Over 150k WordPress sites at takeover risk via vulnerable plugin

Two vulnerabilities impacting the POST SMTP Mailer WordPress plugin, an email delivery tool used by 300,000 websites, could help attackers take complete control of a site authentication. Last month, ...
Business Wire

New Wallarm report exposes API security risks for companies including Netflix and WordPress

SAN FRANCISCO--(BUSINESS WIRE)--Wallarm, the leading end-to-end API and app security company, today announced the release of its Q3-2023 Wallarm API ThreatStats™ report. The quarterly report details ...
SiliconRepublic

WordPress ends Twitter auto-sharing amid API price hike

Twitter recently changed the pricing of its API, with reports claiming enterprise access costs up to $42,000 per month. Twitter’s API changes have caused more fallout, with WordPress ending its ...