Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script. The developer also provides new patched releases for all versions since 3.7.
{ "cpes": [ "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*" ], "severity": "Medium" }