Description
Cross-site scripting (XSS) vulnerability in uploader.swf in the Uploader component in Yahoo! YUI 2.5.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via the allowedDomain parameter.
Remediation
References
Related Vulnerabilities
WordPress 5.8.x Multiple Vulnerabilities (5.8 - 5.8.2)
WordPress Plugin WP Statistics Multiple Cross-Site Scripting Vulnerabilities (12.0.1)
WordPress Plugin Advanced Custom Fields:Table Field Cross-Site Scripting (1.1.12)
WordPress Plugin Radio Buttons for Taxonomies Cross-Site Request Forgery (2.0.5)