Don’t be a WordPress RCE-hole and patch up this XSS vuln, pronto

A newly revealed vuln in the open-source CMS WordPress allows an unauthenticated website attacker to remotely execute code – potentially letting naughty folk delete or edit blog…

You can read the full article here.