WordPress 4.2 - Persistent Cross-Site Scripting
WordPress 4.2 - Persistent Cross-Site Scripting Source: http://klikki.fi/adv/wordpress2.html Overview Current versions of WordPress are vulnerable to a stored XSS. An unauthenticated attacker can inject JavaScript in WordPress comments. The script is triggered when the comment is viewed. If...