Red Hat Bugzilla – Bug 1296904
CVE-2016-1564 wordpress: cross-site scripting fixed in wordpress 4.4.1
Last modified: 2016-01-08 11:08:35 EST
A cross-site scripting (XSS) flaw was found in WordPress:
WordPress versions 4.4 and earlier are affected by a cross-site scripting vulnerability that could allow a site to be compromised. This was reported by Crtc4L.
This issue was fixed in the 4.4.1 release.
This was fixed in Fedora and EPEL via: