By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
10alert.com10alert.com10alert.com
  • Threats
    • WordPress ThreatsDanger
    Threats
    A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber threats include…
    Show More
    Top News
    Malware Reigned Supreme In 2012
    1 year ago
    BEWARE THE THINGBOT!
    1 year ago
    Is your PC a part of botnet? Check it!
    1 year ago
    Latest News
    Earn up to $10,000 for Vulnerabilities in WordPress Software
    2 hours ago
    Fake CVE-2023-45124 Phishing Scam Tricks Users Into Installing Backdoor Plugin
    2 hours ago
    Short-URL Services May Hide Threats
    23 hours ago
    Wordfence Intelligence Weekly WordPress Vulnerability Report (November 20, 2023 to November 26, 2023)
    1 day ago
  • Fix
    Fix
    Troubleshooting guide you need when errors, bugs or technical glitches might ruin your digital experience.
    Show More
    Top News
    The creator of malware has infected her own computer
    1 year ago
    Windows 11 build 25163 out with new Taskbar Overflow feature
    1 year ago
    How to fix Microsoft Store not working on Windows 11
    1 year ago
    Latest News
    How automatically delete unused files from my Downloads folder?
    10 months ago
    Now you can speed up any video in your browser
    10 months ago
    How to restore access to a file after EFS or view it on another computer?
    10 months ago
    18 Proven Tips to Speed Up Your WordPress Site and Improve SEO | 2023 Guide
    11 months ago
  • How To
    How ToShow More
    Bigger, Better, Cooler in a 2U1N form factor
    Bigger, Better, Cooler in a 2U1N form factor
    3 hours ago
    Vulnerability in crypto wallets created online in the early 2010s
    1 day ago
    Use Windows 11 features to inspire creativity, speed up everyday tasks
    2 days ago
    Windows brings nostalgia to the holidays with the return of Windows Ugly Sweaters, this year featuring the Bliss backdrop
    3 days ago
    Better debugging for Cloudflare Workers, now with breakpoints
    Better debugging for Cloudflare Workers, now with breakpoints
    3 days ago
  • News
    News
    This category of resources includes the latest technology news and updates, covering a wide range of topics and innovations in the tech industry. From new…
    Show More
    Top News
    How to find your router IP address on Windows 11
    1 year ago
    How to restore Registry from secret backup on Windows 10
    1 year ago
    How to set default printer on Windows 11
    11 months ago
    Latest News
    Change screen brightness on Windows 11
    2 hours ago
    How to share Microsoft 365 Family subscription with other people
    2 days ago
    How to enable random MAC address for Wi-Fi on Windows 10
    2 days ago
    How to join Office apps to Microsoft 365 Insider Program
    2 days ago
  • Glossary
  • My Bookmarks
Reading: Wordfence Firewall Blocks Bizarre Large-Scale XSS Campaign
Share
Notification Show More
Aa
Aa
10alert.com10alert.com
  • Threats
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
  • Threats
    • WordPress ThreatsDanger
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
Follow US
Wordpress Threats

Wordfence Firewall Blocks Bizarre Large-Scale XSS Campaign

10alert
Last updated: 25 May
10alert 6 months ago
Share
1 Min Read

Wordfence Firewall Blocks Bizarre Large-Scale XSS Campaign

The Wordfence Threat Intelligence team has been monitoring an increase in attacks targeting a Cross-Site Scripting vulnerability in Beautiful Cookie Consent Banner, a WordPress plugin installed on over 40,000 sites. The vulnerability, which was fully patched in January in version 2.10.2, offers unauthenticated attackers the ability to add malicious JavaScript to a website, potentially allowing redirects to malvertizing sites as well as the creation of malicious admin users, both of which are appealing use cases for attackers.

Contents
Wordfence Firewall Blocks Bizarre Large-Scale XSS CampaignVulnerability Summary from Wordfence Intelligence

All Wordfence sites, including those running Wordfence Free, Wordfence Premium, Wordfence Care, and Wordfence Response, are protected against this vulnerability by the Wordfence Firewall’s Built-in Cross-Site Scripting protection. Note that since this vulnerability did not require a separate firewall rule, statistics for it are not currently publicly available on Wordfence Intelligence as they are aggregated under the general Cross-Site Scripting chart, where it currently accounts roughly over two-thirds of all attacks blocked by the rule.

Vulnerability Summary from Wordfence Intelligence

Description: Beautiful Cookie Consent Banner


Source: wordfence.com

Translate this article

TAGGED: PoC, Threat, Threats, WordPress, Worpdress
10alert May 25, 2023 May 25, 2023
Share This Article
Facebook Twitter Reddit Telegram Email Copy Link Print

STAY CONECTED

24.8k Followers Like
253.9k Followers Follow
33.7k Subscribers Subscribe
124.8k Members Follow

LAST 10 ALERT

Bigger, Better, Cooler in a 2U1N form factor
Bigger, Better, Cooler in a 2U1N form factor
Apps 3 hours ago
Change screen brightness on Windows 11
News 5 hours ago
Earn up to $10,000 for Vulnerabilities in WordPress Software
Earn up to $10,000 for Vulnerabilities in WordPress Software
Wordpress Threats 5 hours ago
Fake CVE-2023-45124 Phishing Scam Tricks Users Into Installing Backdoor Plugin
Fake CVE-2023-45124 Phishing Scam Tricks Users Into Installing Backdoor Plugin
Wordpress Threats 5 hours ago
Short-URL Services May Hide Threats
Threats 1 day ago

You Might Also Like

Earn up to $10,000 for Vulnerabilities in WordPress Software
Wordpress Threats

Earn up to $10,000 for Vulnerabilities in WordPress Software

5 hours ago
Fake CVE-2023-45124 Phishing Scam Tricks Users Into Installing Backdoor Plugin
Wordpress Threats

Fake CVE-2023-45124 Phishing Scam Tricks Users Into Installing Backdoor Plugin

5 hours ago
Threats

Short-URL Services May Hide Threats

1 day ago
How To

Vulnerability in crypto wallets created online in the early 2010s

1 day ago
Show More

Related stories

Several Critical Vulnerabilities including Privilege Escalation, Authentication Bypass, and More Patched in UserPro WordPress Plugin
BridesMaid – neuron writes toasts For those very occasions when you need to give out a powerful
The other day Yandex pleased us with the announcement of a new Midi station – an excellent reason to listen
REMIX – remixes of pictures from neural networksCreate, share and correct works
How to download Diablo IV for free and absolutely legallyBlizzard has opened a free
Rostelecom employees were forced to abandon Android and iOS in favor of Aurora.
Previous Next

10 New Stories

Vulnerability in crypto wallets created online in the early 2010s
Wordfence Intelligence Weekly WordPress Vulnerability Report (November 20, 2023 to November 26, 2023)
Thrive Theme: Dismiss Tooltip to Privilege Escalation
How To Redirect WordPress from HTTP to HTTPs
Use Windows 11 features to inspire creativity, speed up everyday tasks
How to protect corporate routers and firewalls against hacking
Previous Next
Hot News
Bigger, Better, Cooler in a 2U1N form factor
Change screen brightness on Windows 11
Earn up to $10,000 for Vulnerabilities in WordPress Software
Fake CVE-2023-45124 Phishing Scam Tricks Users Into Installing Backdoor Plugin
Short-URL Services May Hide Threats
10alert.com10alert.com
Follow US
© 10 Alert Network. All Rights Reserved.
  • Privacy Policy
  • Contact
  • Customize Interests
  • My Bookmarks
  • Glossary
Go to mobile version
adbanner
AdBlock Detected
Our site is an advertising supported site. Please whitelist to support our site.
Okay, I'll Whitelist
Welcome Back!

Sign in to your account

Lost your password?