0.004 Low
EPSS
Percentile
74.9%
The attackers can conduct cross-site scripting (XSS) attacks via modified data to post.php or page.php with a no_filter field.
Update WordPress.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4893