Dark Reading

Tech Insight: XSS Exposed

SQL injection has been getting most of the attention lately, but the average SQL injection attack isn't nearly as sophisticated and difficult to pull off as a well-crafted cross-site scripting (XSS) ...
Network World

The what, who, when, where, why and how of XSS

* Reflected or nonpersistent XSS attacks are similar to phishing scams. Reflected XSS uses the skeleton of a trusted Web site — the same look, feel and information passes back and forth from the ...
Searchenginejournal.com

Vulnerabilities In Two WordPress Contact Form Plugins Affect +1.1 Million

The affected contact form plugins are Ninja Forms, (with over 800,000 installations) and Contact Form Plugin by Fluent Forms (+300,000 installations). The vulnerabilities are not related to each other ...