Apr 15
28
A new comment XSS exploit vulnerability, being called “Zero Day”, has been found in the latest versions of WordPress: 4.2, 4.1.2, 4.1.1, and 3.9.3. The Zero Day exploit allows an attacker to insert JavaScript into comments.
Continued here:
Vulnerability Found in Latest Versions of WordPress, Patch Now Available by @mattsouthern