WordPress version 4.2 suffers from a persistent cross site scripting vulnerability.