During a routine audit of their popular Web Application Firewall (WAF), Sucuri discovered a critical stored XSS vulnerability affecting Akismet, a popular WordPress plugin deployed by millions of installs. This vulnerability affects everyone using Akismet version 3.1.4 and lower with the WordPress “Convert emoticons which is the case by default ...