FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

wordpress -- XSS vulnerability

Affected packages
wordpress < 4.4.1,1
de-wordpress < 4.4.1
ja-wordpress < 4.4.1
ru-wordpress < 4.4.1
zh-wordpress-zh_CN < 4.4.1
zh-wordpress-zh_TW < 4.4.1


VuXML ID fb754341-c3e2-11e5-b5fe-002590263bf5
Discovery 2016-01-06
Entry 2016-01-26
Modified 2016-03-08

Aaron Jorbin reports:

WordPress 4.4.1 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.

WordPress versions 4.4 and earlier are affected by a cross-site scripting vulnerability that could allow a site to be compromised. This was reported by Crtc4L.


CVE Name CVE-2016-1564