SeQure: Cross-Site Scripting Vulnerability Tool for WordPress Form Plugins
Project Author
Issue Date
2023-05-05
Authors
Caldwell, Alexis
Loading...
Embargo
First Reader
Luman, Douglas J.
Additional Readers
Bonham-Carter, Oliver N.
Keywords
XSS , Vulnerability , Security , Sanitization
Distribution
Abstract
XSS vulnerabilities, despite being one of the older web exploits, continue to plague modern web applications. This odes to programmers not properly screening inputs to programs – in this case, web forms. The content manager system, WordPress, for example operates roughly 43% of web applications across the Internet. Within WordPress, it has distinct plugins to handle contact form information which includes the ability to take in information such as a name, a phone number, email address, etc. However, not all versions of these plugins are deemed safe. There are many versions of WordPress form plugins that allow attackers to enter in cross-site scripting, or otherwise known as XSS, scripts into these input forms making the attacker able to provide malicious information, downloads, and/or plugins to the user. To avoid XSS attacks within form plugins on WordPress, the plugin SeQure allows website users to be able to check their form plugins to make sure that they are safe for further use.
Description
Chair
Major
Computer Science
Department
Computer Science