Stored XSS
A persistent cross-site scripting attack where malicious script is saved to the server and served to other users.
How it works
A persistent cross-site scripting attack where malicious script is saved to the server and served to other users.
In WordPress
Often occurs when plugin settings or user input is saved to the database without sanitization and displayed without escaping.
Related terms
WP HealthKit checks for Stored XSS-related vulnerabilities automatically
Run a Free Audit