On April 5, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for a stored Cross-Site Scripting (XSS) vulnerability in Blubrry’s PowerPress plugin, which is actively installed on more than 50,000 WordPress websites. The vulnerability enables threat actors with contributor-level permissions or higher to inject malicious web scripts into pages using the plugin’s shortcode.
You may also like
How to Display Most Popular Tags in WordPress (2 Easy Methods)
Do you want to display the most popular tags used...
MojoAuth Passwordless Login Plugin for WordPress
WordPress is already a fairly secure platform. It...
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 8, 2024 to April 14,...
Did you know we’re running a Bug Bounty...