Just a bit over a week ago, we released our new PHP security analysis; it checks your PHP projects for over 500 security vulnerabilities from categories such as XSS, different injection vulnerabilities, file inclusion, code execution and a lot more.
Yesterday, YOAST - a developer of several popular Wordpress plugins -, and others released several security updates that fix XSS vulnerabilities found by Scrutinizer. Since some of the potential attack vectors were found in several WordPress plugins, WordPress’s developer documentation was updated as part of the coordinate response, too. If you are using WordPress, make sure to upgrade your plugins to the latest versions.
Scrutinizer also found other vulnerabilities that are still being fixed at the moment. We will share more once the security releases have been made, and users have had a chance to upgrade.
Happy & Secure Coding! :)