Description
Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type.
Remediation
References
Related Vulnerabilities
WordPress Improper Privilege Management Vulnerability (CVE-2020-28036)
Jenkins Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27901)
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2022-29224)
WordPress Plugin Pinterest by BestWebSoft Cross-Site Scripting (1.0.4)