WordPress <= 4.2.3 - XSS #1

This vulnerability exists in the “refreshAdvancedAccessibilityOfItem” function. It allows an attacker to inject arbitrary web script or HTML via an accessibility-helper title.

Related records:

http://db.threatpress.com/vulnerability/wordpress/wordpress-4-2-3-xss-2

Solution

           Update WordPress.