Dark Reading

New Plug-ins Help Firefox Find XSS, SQL Injection

4:14 PM -- Two new Firefox plug-ins were released last month to assist developers and security professionals in testing for cross-site scripting (XSS) and SQL injection vulnerabilities. Even though ...

Another worrying WordPress plugin security flaw could put 250,000 websites at risk

Ally was carrying an SQL injection flaw that allowed data exfiltration.
Threat Post

SQL Injection Bug Fixed in Popular WordPress SEO Plug-In

Popular search engine optimization plugin, SEO by Yoast fixed a blind SQL injection vulnerability yesterday that could be exploited to take control of affected sites. SEO by Yoast, a popular search ...

SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites

An SQL injection vulnerability in Ally, a WordPress plugin from Elementor for web accessibility and usability with more than 400,000 installations, could be exploited to steal sensitive data without ...
SecurityWeek

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks

A vulnerability in the Ally WordPress plugin exposes over 200,000 websites to sensitive information disclosure via SQL queries.