Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags.
www.debian.org/security/2015/dsa-3375
www.debian.org/security/2015/dsa-3383
www.securityfocus.com/bid/76745
www.securitytracker.com/id/1033979
codex.wordpress.org/Version_4.3.1
github.com/WordPress/WordPress/commit/f72b21af23da6b6d54208e5c1d65ececdaa109c8
security-tracker.debian.org/tracker/CVE-2015-5714
wordpress.org/news/2015/09/wordpress-4-3-1/
wpvulndb.com/vulnerabilities/8186