Description
Cross-site scripting (XSS) vulnerability in the media-playlists feature in WordPress before 3.9.x before 3.9.3 and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Remediation
References
Related Vulnerabilities
PHP Improper Input Validation Vulnerability (CVE-2015-4148)
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.12)
WordPress Plugin Limit Login Attempts Reloaded Cross-Site Scripting (2.15.2)
Zope Web Application Server Other Vulnerability (CVE-2000-0062)
PHP-Fusion URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-23182)