There are many misconceptions around the potential effects cross-site scripting (XSS). The usual pop-up alert(1) window is failing to demonstrate the potential consequences of XSS to non-security people. See a walk-through process of exfiltrating data from a Wordpress site by exploiting a XSS vulnerability.
Author: Gabor
Gabor Szathmari is a cybersecurity expert and digital privacy enthusiast. In his professional life, Gabor helps businesses, including many small and mid-size legal practices, with their cybersecurity challenges at Iron Bastion.