EPSS
Percentile
91.4%
According to the WordPress release notes: “Props to Zhouyuan Yang of Fortinet’s FortiGuard Labs who disclosed a vulnerability for cross-site scripting (XSS) in shortcode previews.”
fortiguard.com/zeroday/FG-VD-18-165
wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/
www.fortinet.com/blog/threat-research/wordpress-core-stored-xss-vulnerability.html