Description
Before version 4.8.2, WordPress was vulnerable to a cross-site scripting attack via shortcodes in the TinyMCE visual editor.
Remediation
References
Related Vulnerabilities
Moodle Other Vulnerability (CVE-2004-1425)
OpenSSL Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-3207)
PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-19355)
Oracle Database Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-5499)