fbpx

XSS Flaw Impacting 100,000 Sites Patched in KingComposer

On June 15, 2020, our Threat Intelligence team was made aware of a number of access control vulnerabilities that had recently been disclosed in KingComposer, a WordPress plugin installed on over 100,000 sites. During our investigation of these vulnerabilities, we discovered an unpatched reflected Cross-Site Scripting(XSS) vulnerability.

Wordfence Premium customers received a new firewall rule the same day, protecting against the newly patched access control vulnerabilities as well as the unpatched Cross-Site Scripting vulnerability. Wordfence users still using the free version will receive this rule after 30 days, on July 15, 2020.

We attempted to contact the plugin’s developers the

This post was originally published on this site

GET UP TO $500K IN BUSINESS FUNDING

Pin It on Pinterest

Share This
Xiphos Web Marketing

FREE
VIEW