Expert Comments

Security Expert Re: XSS Vulnerability Impacts 100,000 WordPress Websites with KingComposer Plugin

Expert(s): Security Experts
Expert(s): Security Experts
A reflected cross-site scripting (XSS) vulnerability impacting 100,000 websites has been patched in the KingComposer WordPress plugin. A patched version of the plugin, version 2.9.5, was released on June 29.  While approximately 62% of users have updated to version 2.9.5,  around 38% of websites with KingComposer enabled are still at risk of exploit.  

Experts Comments

July 13, 2020
Tim Chiu
Vice President of Marketing
K2 Cyber Security
XSS vulnerabilities still plague us even though XSS was first found in the year 2000 -- we’re now in the 20th anniversary of its discovery. By 2007, XSS had become the most common exploit of web applications. Unfortunately, today XSS is still one of the most attacked vulnerabilities and ranks as one of the OWASP top 10 web application security risks. To prevent XSS attacks, developers should implement good coding practices when writing and creating a web application. But while that’s a.....Read More
XSS vulnerabilities still plague us even though XSS was first found in the year 2000 -- we’re now in the 20th anniversary of its discovery. By 2007, XSS had become the most common exploit of web applications. Unfortunately, today XSS is still one of the most attacked vulnerabilities and ranks as one of the OWASP top 10 web application security risks. To prevent XSS attacks, developers should implement good coding practices when writing and creating a web application. But while that’s a great start to application security, there’s of course no guarantee that testing and good code writing will catch all the XSS vulnerabilities in the application code. Every organization still needs a layer of application security and protection for those undiscovered XSS vulnerabilities.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.
SUBMIT

You may also like

Planned Parenthood LA breached, Experts Weigh In

Data Security Comment: Colorado Energy Company Loses 25 Years Of...

Colorado Energy Company DMEA Loses 25 Years Of Data After...

Governemnt Data Breach Of New Years Honours Recipients

New Malvertising Campaign Spreads Backdoors, Malicious Chrome Extensions

DNA Testing Firm Discloses Data Breach Affecting 2.1 Million People

Data Hacked For 400,000 LA Patients

IKEA Suffering Ongoing “Reply-Chain” Email Attack

Cybersecurity Expert Reaction On UK’s Financial Regulator Scraps 90-day Authentication...

DNA Testing Firm Discloses Data Breach Affecting 2.1 Million People

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts