2 matches found
UBUNTU-CVE-2015-5733
Cross-site scripting XSS vulnerability in the refreshAdvancedAccessibilityOfItem function in wp-admin/js/nav-menu.js in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via an accessibility-helper title...
WordPress <= 4.2.3 - XSS #1
This vulnerability exists in the "refreshAdvancedAccessibilityOfItem" function. It allows an attacker to inject arbitrary web script or HTML via an accessibility-helper title. Related records: http://db.threatpress.com/vulnerability/wordpress/wordpress-4-2-3-xss-2 Solution Update WordPress...