1. Plugin Security Alert: High-Risk XSS Vulnerability in Bundled pdf.js Library (CVE-2024-4367)
A widely used plugin has been flagged for bundling a critically vulnerable version of the pdf.js library, exposing installations to a high-severity cross-site scripting (XSS) attack vector. The vulnerability, tracked as CVE-2024-4367, is present in the plugin's version 0.16.0 and was detected by security scanning tools...