Description
Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags.
Remediation
References
Related Vulnerabilities
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1428)
WordPress Plugin WordPress Photo Gallery by Gallery Bank Cross-Site Scripting (3.0.69)
WordPress Plugin Print Invoice & Delivery Notes for WooCommerce Cross-Site Request Forgery (4.7.2)
WordPress Plugin YITH WooCommerce Product Bundles Security Bypass (1.1.15)