in

Reflected XSS in WordPress Plugin Admin Pages

[ad_1]

Reflected XSS in WordPress Plugin Admin Pages

The administrative dashboard in WordPress is a pretty safe place: Only elevated users can access it. Exploiting a plugin’s admin panel would serve very little purpose here — an administrator already has the required permissions to do all of the actions a vulnerability could cause.

While this is usually true, there are a number of techniques bad actors are using to trick an administrator into performing actions they would not expect, such as Cross Site Request Forgery (CSRF) or Clickjacking attacks.

Continue reading Reflected XSS in WordPress Plugin Admin Pages at Sucuri Blog.

[ad_2]

Source link

What do you think?

Participant

Written by Antony Garand

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Loading…

0

Linguini — Restaurant WordPress Theme

NewsPlus – News and Magazine WordPress theme