The plugin Breadcrumbs by menu was closed on the Plugin Directory on the 6th. While no reason has been given for the closure the developer has submitted two revisions to the underlying Subversion repository for the Plugin Directory labeled as being security updates. Looking at the changes made in those we found that the plugin previously contained a settings change vulnerability that leads to a persistent cross-site scripting (XSS) vulnerability.

…

[Read more]