News

Bleeping Computer1y

CISA: Roundcube email server bug now exploited in attacks

CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks.
InfoWorld9y

Persistent XSS flaws patched in multiple WordPress plugins

Earlier this week, WordPress administrators were urged to update to the popular All-in-One SEO plugin to address a persistent cross-site scripting vulnerability. But other widely used plugins also ...
Bleeping Computer2y

WordPress custom field plugin bug exposes over 1M sites to XSS attacks

Security researchers warn that the 'Advanced Custom Fields' and 'Advanced Custom Fields Pro' WordPress plugins, with millions of installs, are vulnerable to cross-site scripting attacks (XSS).
FOX40 News2mon

Searchlight Cyber Finds Three Cross-Site Scripting ... - FOX40

BRISBANE, AUSTRALIA, July 2, 2025 / EINPresswire.com / -- The Assetnote Security Research Team at Searchlight Cyber has published the details of three consecutive persistent Cross-Site Scripting ...
NBC4 Columbus2mon

Searchlight Cyber Finds Three Cross-Site Scripting Vulnerabilities in ...

BRISBANE, AUSTRALIA, July 2, 2025 / EINPresswire.com / -- The Assetnote Security Research Team at Searchlight Cyber has published the details of three consecutive persistent Cross-Site Scripting ...