May 25, 2023 By Sead Fadilpašić
A popular WordPress plugin was found vulnerable to XSS
(Image credit: Shutterstock/David MG)
Hackers are reportedly using an Unauthenticated Stored Cross-Site Scripting (XSS) flaw in a WordPress plugin to target thousands of websites, experts have warned.
Cybersecurity researchers from Defiant discovered the flaw in Beautiful Cookie Consent Banner, a WP cookie consent plugin with more than 40,000 active installations. The attackers could use the vulnerability to add malicious JavaScripts into the compromised websites, which would then be executed in the visitors’ browsers.
