Description
Cross-site scripting (XSS) vulnerability in the refreshAdvancedAccessibilityOfItem function in wp-admin/js/nav-menu.js in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via an accessibility-helper title.
Remediation
References
Related Vulnerabilities
WordPress Plugin Photo Gallery, Images, Slider in Rbs Image Gallery Cross-Site Scripting (3.2.12)
IBM Lotus Domino web server Cross-Site Scripting vulnerabilities
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1484)
WordPress Plugin Mapwiz SQL Injection (1.0.1)
MongoDb Improper Certificate Validation Vulnerability (CVE-2023-1409)