Millions of WordPress websites are at risks of being completely hijacked by the hackers due to a critical cross-site scripting (XSS) vulnerability present in the default installation of the widely used content management system.
The cross-site scripting (XSS) vulnerability, uncovered by the security researcher reported by Robert Abela of Security firm Netsparker.
Wordpress vulnerability