Description
In WordPress before 4.7.3 (wp-admin/js/tags-box.js), there is cross-site scripting (XSS) via taxonomy term names.
Remediation
References
Related Vulnerabilities
WordPress Plugin Google Analytics Opt-Out Cross-Site Scripting (2.3.4)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3383)
Atlassian Jira Improper Authentication Vulnerability (CVE-2019-20412)
WordPress Plugin WP Comment Remix SQL Injection and HTML Injection Vulnerabilities (1.4.3)