On March 14, 2023, the Wordfence Threat Intelligence team initiated the responsible disclosure process for 2 nearly identical Cross-Site Scripting vulnerabilities in the Weaver Xtreme theme and the Weaver Show Posts plugin, which each have over 10,000 installations. The plugin developer responded the same day and we provided full disclosure.
You may also like
How to Improve Accessibility on Your WordPress Site
Do you want to improve accessibility on your...
WordPress 6.5 Release Candidate 4
The latest release candidate (RC4) for WordPress...
Wordfence Intelligence Weekly WordPress Vulnerability Report (March 18, 2024 to March 24,...
Did you know we’re running a Bug Bounty...