WordPress plugin XSS exposed 100k sites

Henry explains a vulnerable real-time find plugin allowed XSS, JS injection, and potential admin takeover; patch noted.

Play episode from 07:25

chevron_right

Transcript

chevron_right

Transcript

Episode notes

Help support us on Patreon: https://www.patreon.com/techlore

Other Support Methods: https://techlore.tech/support.html

To watch the video on YouTube, subscribe to our channel: https://youtube.com/c/techlore

Welcome to the Techlore Surveillance Report, a weekly security and privacy news roundup to keep you up to speed on important updates in our digital world. Uploaded every weekend!

Techlore Website: https://techlore.tech
Patreon: https://www.patreon.com/techlore
Bitchute: https://www.bitchute.com/channel/techlore/
Techlore Subreddit: https://www.reddit.com/r/techlore/
Twitter: https://twitter.com/techloreistaken
Discord Server: https://discord.gg/74WhF9C
Matrix Room: https://matrix.to/#/#techlore:matrix.org
Telegram Channel: https://t.me/techloreofficial
Telegram Group: https://t.me/techloregroup
Amazon Support Affiliate Link: https://www.amazon.com/shop/influencer20170928875
Merchandise: https://teespring.com/stores/lemur-shop

Sources

Companies

https://www.forbes.com/sites/thomasbrewster/2020/04/30/exclusive-warning-over-chinese-mobile-giant-xiaomi-recording-millions-of-peoples-private-web-and-phone-use/#7cf04a4a1b2a

Google/Apple

https://www.forbes.com/sites/daveywinder/2020/04/29/google-confirms-new-security-threats-for-2-billion-chrome-users/#bef865f39bc5

https://www.zdnet.com/article/google-discloses-zero-click-bugs-impacting-several-apple-operating-systems/

https://9to5mac.com/2020/04/29/how-to-turn-on-off-covid-19-contact-tracing-iphone-ios/

Other

https://www.theguardian.com/technology/2020/apr/29/amazon-thermal-cameras-china-dahua

https://www.zdnet.com/article/this-is-how-viewing-a-gif-in-microsoft-teams-triggers-account-hijacking-bug/

https://twitter.com/NBCNewsNow/status/1254924882934185984/video/1

This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit dispatch.techlore.tech

This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit surveillancepod.substack.com

Hosted on Acast. See acast.com/privacy for more information.

★ Support this podcast ★

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!

Get the app

Home Top podcasts Popular guests Top books