Description
Cross-site scripting (XSS) vulnerability in wp-admin/press-this.php in WordPress before 2.8.6 allows remote authenticated users to inject arbitrary web script or HTML via the s parameter (aka the selection variable).
Remediation
References
Related Vulnerabilities
WordPress Plugin Wonder PDF Embed Cross-Site Scripting (1.6)
WordPress Plugin flickr picture backup Arbitrary File Upload (0.7)
MySQL CVE-2020-14776 Vulnerability (CVE-2020-14776)
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.17)
OpenVPN AS Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2020-36382)