WordPress 3.7-4.9.1 - Cross-Site Scripting vulnerability
- Cross-Site Scripting vulnerability found in WordPress 3.7-4.9.1 versions in the Flash fallback files in MediaElement, a library that is included with WordPress.
- Update your Wordpress to the latest available version (at least 4.9.2).
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
WordPress version log
- Name CVE-N/A
Fixed In 4.9.2
- Disclosure date