Cross-site Scripting (XSS)
johnpbloch/wordpress is vulnerable to cross-site scripting XSS. The vulnerability exists through a flawed sanitizing mechanism where wpfilterpostkses is used instead of wpfilterkses, allowing HTML tags to be passed and interpreted...