Reflected XSS
A non-persistent XSS attack where malicious script is reflected off a web server via URL parameters or form submissions.
How it works
A non-persistent XSS attack where malicious script is reflected off a web server via URL parameters or form submissions.
In WordPress
Common in WordPress search forms, admin pages with URL parameters, and AJAX handlers that echo user input.
WP HealthKit checks for Reflected XSS-related vulnerabilities automatically
Run a Free Audit