Description
Before version 4.8.2, WordPress was susceptible to a Cross-Site Scripting attack in the link modal via a javascript: or data: URL.
Remediation
References
Related Vulnerabilities
WordPress Plugin Count per Day 'month' Parameter SQL Injection (2.17)
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2014-0118)
WordPress Plugin EU Cookie Law for GDPR/CCPA Cross-Site Scripting (3.1.6)
WordPress Plugin Site Reviews Multiple Vulnerabilities (6.5.1)
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-1000206)