Important: Red Hat Security Advisory: Kiali 2.17.7 for Red Hat OpenShift Service Mesh 3.2

Kiali 2.17.7 for Red Hat OpenShift Service Mesh 3.2 is now available. An update is now available for Red Hat OpenShift Service Mesh 3.2. This advisory contains the RPM packages for the Kiali component. Red Hat Product Security has rated this update as having a security impact of Critical. A Commo...

CVE-2025-4776 Phlox <= 2.17.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via `data-caption` HTML Attribute

The Phlox theme for WordPress is vulnerable to Stored Cross-Site Scripting via the data-caption HTML attribute in all versions up to, and including, 2.17.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access...

CVE-2025-4776 Phlox <= 2.17.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via `data-caption` HTML Attribute

The Phlox theme for WordPress is vulnerable to Stored Cross-Site Scripting via the data-caption HTML attribute in all versions up to, and including, 2.17.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access...

PT-2026-1417

Name of the Vulnerable Software and Affected Versions Phlox theme for WordPress versions through 2.17.7 Description The Phlox theme for WordPress is susceptible to Stored Cross-Site Scripting through the data-caption HTML attribute. Insufficient input sanitization and output escaping allow...