Archive for the ‘XSS vulnerability’ Category

Severe Flaw Disclosed In StackStorm DevOps Automation Software

March 11th, 2019
A security researcher has discovered a severe vulnerability in the popular, open source event-driven platform StackStorm that could allow remote attackers to trick developers into unknowingly execute arbitrary commands on targeted services. StackStorm, aka "IFTTT for Ops," is a powerful event-driven automation tool for integration and automation across services and tools that allows

Posted in application security, cross site origin request, Cross site scripting, hacking news, StackStorm, Web Application Security, XSS vulnerability | Comments (0)

Yahoo Flaw Allowed Hackers to Read Anyone’s Emails

December 8th, 2016

Yahoo has patched a critical security vulnerability in its Mail service that could have allowed an attacker to spy on any Yahoo user’s inbox.

Jouko Pynnönen, a Finnish Security researcher from security firm Klikki Oy, reported a DOM based persistent XSS (Cross-Site Scripting) in Yahoo mail, which if exploited, allows an attacker to send emails embedded with malicious code.
<!– adsense –>

Posted in email hacking, hack yahoo email, hacking news, How to hack email, Vulnerability, XSS vulnerability, Yahoo bug bounty | Comments (0)

200 Million WhatsApp Users Vulnerable to vCard Vulnerability

September 9th, 2015

WhatsApp recently claimed to have hit 900 Million monthly active users, but a dangerous security flaw in the web version of the popular instant messaging app puts up to 200 Million of its users at risk.

Yes, the web-based extension of WhatsApp is vulnerable to an exploit that could allow hackers to trick users into downloading malware on their computers in a new and more sophisticated way.

Posted in Cross site scripting, hacking computers, hacking WhatsApp, Vulnerability, Whatsapp hacking, whatsapp vcard, XSS vulnerability | Comments (0)

PayPal Vulnerability Allows Hackers to Steal All Your Money

August 27th, 2015

A critical security vulnerability has been discovered in the global e-commerce business PayPal that could allow attackers to steal your login credentials, and even your credit card details in unencrypted format.
Egypt-based researcher Ebrahim Hegazy discovered a Stored Cross Site Scripting (XSS) vulnerability in the Paypal’s Secure Payments domain.
As it sounds, the domain is used to conduct

Posted in bug bounty, Cross site scripting, hacking news, paypal hacking, Vulnerability, XSS vulnerability | Comments (0)

WordPress 4.2.3 Security Update Released, Patches Critical Vulnerability

July 23rd, 2015

WordPress has just released the new version of its content management system (CMS), WordPress version 4.2.3, to fix a critical security vulnerability that could have been exploited by hackers to take over websites, affecting the security of its Millions of sites.

WordPress version 4.2.3 resolves a Cross-Site Scripting (XSS) flaw that could allow any user with the Contributor or Author role

Posted in Cross site scripting, hacking wordpress website, secure wordpress website, Vulnerability, WordPress, Wordpress Security, XSS vulnerability | Comments (0)

WordPress Vulnerability Puts Millions of Websites At Risk

May 7th, 2015

Millions of WordPress websites are at risks of being completely hijacked by the hackers due to a critical cross-site scripting (XSS) vulnerability present in the default installation of the widely used content management system.

The cross-site scripting (XSS) vulnerability, uncovered by the security researcher reported by Robert Abela of Security firm Netsparker.

WordPress vulnerability

Posted in Cross site scripting, DOM-based XSS vulnerability, hacking news, hacking wordpress website, Jetpack for WordPress, Vulnerability, Wordpress hacking, XSS vulnerability | Comments (0)

‘Google Analytics by Yoast’ WordPress Plugin Patches Critical Vulnerability

March 21st, 2015

Another popular WordPress plugin by Yoast has been found to be vulnerable to a critical flaw that could be exploited by hackers to hijack the affected website.
The critical vulnerability actually resides in the highly popular Google Analytics by Yoast plugin, which allows WordPress admins to monitor website traffic by connecting the plugin to their Google Analytics account.
The Google Analytics

Posted in Cross site scripting, Google Analytics by Yoast, hacking wordpress website, Wordpress hacking, Wordpress plugin vulnerability, WordPress SEO by Yoast plugin, XSS vulnerability | Comments (0)