Description
In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability exists when attempting to upload very large files, because the error message does not properly restrict presentation of the filename.
Remediation
References
Related Vulnerabilities
WordPress Plugin Print My Blog-Print, PDF, & eBook Converter Cross-Site Request Forgery (3.4.1)
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-3376)
WordPress Plugin Embed Articles Multiple Vulnerabilities (7.0.3)
Oracle Database Server CVE-2020-2510 Vulnerability (CVE-2020-2510)