This vulnerability exists in the "refreshAdvancedAccessibilityOfItem" function. It allows an attacker to inject arbitrary web script or HTML via an accessibility-helper title.
Related records:
http://db.threatpress.com/vulnerability/wordpress/wordpress-4-2-3-xss-2
Solution
Update WordPress.
Classification
Type XSS (Cross Site Scripting) OWASP Top 10 A3: Cross Site Scripting (XSS)