Description Before version 4.8.2, WordPress was vulnerable to cross-site scripting in oEmbed discovery. Remediation References CVE-2017-14724 Related Vulnerabilities Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2018-1302) WordPress Plugin BuddyPress Unspecified Vulnerability (2.6.0) WordPress 5.9.x Multiple Vulnerabilities (5.9 - 5.9.1) WordPress Plugin Total Team Lite-Responsive Team Manager/Showcase for WordPress includes Backdoor [Only if downloaded via the vendor website] (1.1.1) MySQL CVE-2015-4752 Vulnerability (CVE-2015-4752) Severity Medium Classification CVE-2017-14724 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities