Official OWASP ZAP

The Jenkins project announced an unresolved security vulnerability affecting the current version of this plugin (why?):
List of issues
KeySummaryCreatedUpdated
JENKINS-74265[zap] Migrate legacy checkUrl attribute in org/jenkinsci/plugins/zap/ZAPDriver/config.jelly
JENKINS-68393Adding build step has a wrong behaviour since Jenkins version 2.263.4
JENKINS-65399Zap plugin fails when configuring job with Jenkins 2.277.1 or later
JENKINS-63812Unable to generate report for official ZAP plugin
JENKINS-63395Enable ZAP Variable Replacement From Other Build Steps or Build Environment Steps
JENKINS-61588Failed to convert API response to XML: INVALID_CHARACTER_ERR
JENKINS-59079Warning in official ZAP plugin
JENKINS-56075Script based authentication unable to load authentication script file
JENKINS-49440Huge disk read load because of the progress log
JENKINS-47189Allow ZAP attacks on failed external spidering
JENKINS-46769Support Load Context
JENKINS-45534ZAP Options Remove External Sites when uncheck does drop lists of Urls
JENKINS-43696Add Locale Files
JENKINS-43560Checkboxes Scroll Page to Footer
JENKINS-43555Minimize Job Configurations Phase 1
JENKINS-42918Hide the context exclusions
JENKINS-42917Update ZAP Settings functionality
JENKINS-42916Update Installation Method
JENKINS-42915Modify Java Configuration
JENKINS-42914Hide override host and port
JENKINS-42912Minimize Job Configurations
JENKINS-42911Auth Script Extension Issue
JENKINS-42463Editing job configuration throws Serialization Error
JENKINS-40350Change the JIRA issue creator plugin to be officially supported
JENKINS-40349Support authenticated AJAX Spider Scan
JENKINS-40348Support execution of arbitrary scripts
JENKINS-40347Support credentials plugin
JENKINS-40021Cannot skip admin parameter in job creation
JENKINS-40018Support Authorized Domains
JENKINS-39988Support Build Management Tools - Thresholding
JENKINS-39986Support HTTP/NTLM Authentication
JENKINS-39945Support wiki format reports