First published: Sun May 22 2016(Updated: )
Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
WordPress WordPress | <=4.3.0 | |
debian/wordpress | 5.7.11+dfsg1-0+deb11u1 6.1.6+dfsg1-0+deb12u1 6.5.5+dfsg1-1 6.6.1+dfsg1-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.