Autoptimize, a WordPress optimization plugin, recently released an update to address a Stored XSS vulnerability. Anyone who uses the Autoptimize plugin should update it quickly to reduce the risk of hacking.
Stored XSS Vulnerability: This vulnerability allows the hacker to insert a malicious file that can be used to target other users of the site. Such scripts access the permissions of scripts created by the target website and, as a result, can compromise the security and privacy of data transfers between the website and the user.
The vulnerability that affects Autoptimize is known as an Authenticated Stored XSS vulnerability, which means that an attacker must be logged in to the web in order to exploit it. The Autoptimize WordPress Plugin flaw has been rated as medium, with a score of 5.4 out of 10.
The most recent update, version 2.8.4, addresses the vulnerability, according to the official Autoptimize Changelog. To keep your website secure, It is recommended to update the plugin as soon as possible.