Security Expert Re: XSS Vulnerability Impacts 100,000 WordPress Websites with KingComposer Plugin

A reflected cross-site scripting (XSS) vulnerability impacting 100,000 websites has been patched in the KingComposer WordPress plugin. A patched version of the plugin, version 2.9.5, was released on June 29.  While approximately 62% of users have updated to version 2.9.5,  around 38% of websites with KingComposer enabled are still at risk of exploit.  

Tim Chiu, Vice President of Marketing,  K2 Cyber Security
July 13, 2020
To prevent XSS attacks, developers should implement good coding practices when writing and creating a web application.
XSS vulnerabilities still plague us even though XSS was first found in the year 2000 -- we’re now in the 20th anniversary of its discovery. By 2007, XSS had become the most common exploit of web applications. Unfortunately, today XSS is still one of the most attacked vulnerabilities and ranks as one of the OWASP top 10 web application security risks. To prevent XSS attacks, developers should im ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments

In this article