0.126 Low
EPSS
Percentile
95.5%
WordPress is vulnerable to cross-site scripting (XSS) attacks. The attacks are possible because the application does not filter unclosed HTML elements in attributes during the processing of shortcode tags.
codex.wordpress.org/Version_4.3.1
security-tracker.debian.org/tracker/CVE-2015-5714
wordpress.org/news/2015/09/wordpress-4-3-1/