Description
In WordPress before 4.7.3 (wp-includes/embed.php), there is authenticated Cross-Site Scripting (XSS) in YouTube URL Embeds.
Remediation
References
Related Vulnerabilities
Oracle Application Server CVE-2008-1812 Vulnerability (CVE-2008-1812)
WordPress Plugin Complete Gallery Manager for WordPress Arbitrary File Upload (3.3.3)
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-8623)
WordPress Plugin Post Thumbnail Editor Multiple Cross-Site Request Forgery Vulnerabilities (2.4.1)
OpenSSL Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-2650)