Posted by Winni Neessen on Apr 27

Am 27.04.2015 um 16:55 schrieb Hanno Böck <hanno () hboeck de>:

Looks like the WP team published an official fix:
https://wordpress.org/news/2015/04/wordpress-4-2-1/ <https://wordpress.org/news/2015/04/wordpress-4-2-1/>

“A few hours ago, the WordPress team was made aware of a cross-site
scripting vulnerability, which could enable commenters to compromise a
site. The vulnerability was discovered by Jouko Pynnönen.“

Winni