EPSS
Percentile
75.8%
WordPress is vulnerable to cross-site scripting (XSS) attacks. A malicious user can inject and execute arbitrary webscript through the name or version header of a plugin.
www.openwall.com/lists/oss-security/2017/01/14/6
github.com/WordPress/WordPress/commit/c9ea1de1441bb3bda133bf72d513ca9de66566c2
wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/