Threat Post

D-Link Router Vulnerable to Cross-Site Scripting

D-Link’s 2760N (DSL-2760U-BN) routers allegedly contain a number of stored and reflective cross-site scripting (XSS) vulnerabilities. D-Link’s 2760N (DSL-2760U-BN) routers allegedly contain a number ...
Searchenginejournal.com

WordPress SiteOrigin Widgets Bundle Plugin Vulnerability Affects +600,000 Sites

The SiteOrigins Widgets plugin, with +600,000 active installations, provides a way to easily add a multitude of widget functions like sliders, carousels, maps, change the way blog posts are displayed, ...
ZDNet

Stored XSS bug in Apple iCloud domain disclosed by bug bounty hunter

A stored cross-site scripting (XSS) vulnerability in the iCloud domain has reportedly been patched by Apple. Bug bounty hunter and penetration tester Vishal Bharad claims to have discovered the ...
Dark Reading

Researcher Reports Vulnerability in Apple iCloud Domain

Apple has reportedly fixed a stored cross-site scripting (XSS) vulnerability in the iCloud domain following its discovery by security researcher Vishal Bharad, ZDNet reports. Stored XSS, also known as ...
TechSpot

Apple AirTags are vulnerable to stored XSS injection attacks

PSA: Be warned: Apple AirTags are currently vulnerable to stored cross-site scripting (XSS) attacks. Among the various XSS exploits possible is a simple site redirect. If you find an AirTag and are ...