May 17, 2017 WordPress and Joomla released security patches for vulnerabilities affecting their core components. The WordPress update includes patches for XSS, CSRF and validation check vulnerabilities. The Joomla update patches an SQL Injection vulnerability caused by inadequate filtering of request data. Due to the nature of these vulnerabilities, the IT Security Office recommends patching these vulnerabilities ASAP.
For more information visit:
WordPress Security Bulletin - https://wordpress.org/news/2017/05/wordpress-4-7-5/
Joomla Security Bulletin - https://developer.joomla.org/security-centre.html