Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags.
References
Configurations
Information
Published : 2016-05-21 18:59
Updated : 2017-11-03 18:29
NVD link : CVE-2015-5714
Mitre link : CVE-2015-5714
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
wordpress
- wordpress