CVE-2015-5733

2015-11-09T11:59:00
ID CVE-2015-5733
Type cve
Reporter cve@mitre.org
Modified 2017-09-21T01:29:00

Description

Cross-site scripting (XSS) vulnerability in the refreshAdvancedAccessibilityOfItem function in wp-admin/js/nav-menu.js in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via an accessibility-helper title.