Description
Cross-site scripting (XSS) vulnerability in the refreshAdvancedAccessibilityOfItem function in wp-admin/js/nav-menu.js in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via an accessibility-helper title.
Remediation
References
Related Vulnerabilities
Oracle HTTP Server CVE-2022-21271 Vulnerability (CVE-2022-21271)
Oracle JRE CVE-2017-10281 Vulnerability (CVE-2017-10281)
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1167)
MySQL CVE-2016-9841 Vulnerability (CVE-2016-9841)
WordPress Plugin YITH WooCommerce Gift Cards Premium Arbitrary File Upload (3.19.0)