6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
46.0%
Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php in WordPress before 3.3.3 allows remote attackers to inject arbitrary web script or HTML via an editable slug field.
codex.wordpress.org/Version_3.3.3
core.trac.wordpress.org/changeset/21083