Description
Before version 4.8.2, WordPress allowed a Cross-Site scripting attack in the template list view via a crafted template name.
Remediation
References
Related Vulnerabilities
WordPress Plugin Uploader Cross-Site Scripting and Arbitrary File Upload Vulnerabilities (1.0.4)
WordPress Plugin Strong Testimonials Cross-Site Scripting (2.40.0)
Oracle JRE CVE-2012-4681 Vulnerability (CVE-2012-4681)
WordPress Plugin Ultimate Appointment Booking & Scheduling Cross-Site Scripting (1.1.9)
WordPress Plugin Social Media Share Buttons & Social Sharing Icons Security Bypass (1.5.1)