5.7 Medium
AI Score
Confidence
High
Description WordPress does not properly escape URL attributes in the HTML API, allowing high-privileged users to perform Stored Cross-Site Scripting (XSS) attacks.
wordpress.org/news/2024/06/wordpress-6-5-5/