Description
Cross-site scripting (XSS) vulnerability in the media-playlists feature in WordPress before 3.9.x before 3.9.3 and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin NEX-Forms-Ultimate Form builder SQL Injection (3.0)
SharePoint CVE-2021-43876 Vulnerability (CVE-2021-43876)
WordPress Plugin WOOCS-Currency Switcher for WooCommerce Professional Cross-Site Scripting (1.3.7.4)
WordPress Plugin VKontakte API Cross-Site Scripting (2.7)
Atlassian Confluence Missing Authorization Vulnerability (CVE-2019-15005)