WordPress 5.9 Cross Site Scripting

Posted on 10 February 2022

WordPress versions 5.9 and below suffer from a cross site scripting vulnerability in the author and contributor roles. Per the researcher, WordPress is addressing this in their next release and considers this a medium severity vulnerability.