NuytsTech Security

CVE-2015-5733

by ·

Cross-site scripting (XSS) vulnerability in the refreshAdvancedAccessibilityOfItem function in wp-admin/js/nav-menu.js in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via an accessibility-helper title.

Date published : 2015-11-09

http://www.securityfocus.com/bid/76331

https://codex.wordpress.org/Version_4.2.4

Tags: