wordpress -- XSS vulnerability

ID C80B27A2-3165-11E5-8A1D-14DAE9D210B8
Type freebsd
Reporter FreeBSD
Modified 2015-09-15T00:00:00


Gary Pendergast reports:

WordPress versions 4.2.2 and earlier are affected by a cross-site scripting vulnerability, which could allow users with the Contributor or Author role to compromise a site. This was reported by Jon Cave and fixed by Robert Chapin, both of the WordPress security team.