The recently patched REST API Endpoint vulnerability in WordPress could be leveraged to pull off stored cross-site scripting attacks.

A normal response to XSS attacks is to patch the vulnerability, invalidate session cookies so that everyone is forced to re-authenticate, and optionally force a password change.

As API attacks grow in frequency, it's important to defend against them. Understand how API vulnerabilities differ from those associated with web apps and which areas hackers target.

Most concerning is the staggering surge in web application and API attacks — a 257 percent growth in the number of attacks against financial services year over year.

Cisco disclosed today a zero-day vulnerability in the company's Prime Collaboration Deployment (PCD) software that can be exploited for cross-site scripting attacks.