InfoWorld

Persistent XSS flaws patched in multiple WordPress plugins

In addition to the All-in-One SEO plugin, WordPress administrators should update others that also have a cross-site scripting flaw Earlier this week, WordPress administrators were urged to update to ...
Bleeping Computer

WordPress custom field plugin bug exposes over 1M sites to XSS attacks

Security researchers warn that the 'Advanced Custom Fields' and 'Advanced Custom Fields Pro' WordPress plugins, with millions of installs, are vulnerable to cross-site scripting attacks (XSS). The two ...
FOX40 News

Searchlight Cyber Finds Three Cross-Site Scripting Vulnerabilities in Adobe Experience Manager

BRISBANE, AUSTRALIA, July 2, 2025 /EINPresswire.com/ -- The Assetnote Security Research Team at Searchlight Cyber has published the details of three consecutive ...
Bleeping Computer

CISA: Roundcube email server bug now exploited in attacks

CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks. The security flaw (CVE-2023-43770) is a persistent ...