Threat Post

Details on WordPress Zero Day Disclosed

A Finnish researcher has disclosed details on an unpatched stored cross-site scripting vulnerability in the WordPress core engine. WordPress security issues have for the most part involved a ...
Bleeping Computer

High-severity GitLab flaw lets attackers take over accounts

GitLab patched a high-severity vulnerability that unauthenticated attackers could exploit to take over user accounts in cross-site scripting (XSS) attacks. The security flaw (tracked as CVE-2024-4835) ...