Bleeping Computer

Zimbra patches zero-day vulnerability exploited in XSS attacks

Two weeks after the initial disclosure, Zimbra has released security updates that patch a zero-day vulnerability exploited in attacks targeting Zimbra Collaboration Suite (ZCS) email servers. Now ...
Searchenginejournal.com

WordPress Discovers XSS Vulnerability – Recommends Updating To 6.5.2

WordPress announced the 6.5.2 Maintenance and Security Release update that patches a store cross site scripting vulnerability and fixes over a dozen bugs in the core and the block editor. The same ...
Bleeping Computer

WordPress custom field plugin bug exposes over 1M sites to XSS attacks

Security researchers warn that the 'Advanced Custom Fields' and 'Advanced Custom Fields Pro' WordPress plugins, with millions of installs, are vulnerable to cross-site scripting attacks (XSS). The two ...