Another XSS security issue was found today in the popular poly-plugin Jetpack and the Twenty Fifteen default theme. Both use a set of web icons for blogs called Genericons and this is where the issue lies – an insecure file within the Genericons package. Read more about the problem. WP Minder clients, you’re already patched.