Cross-site scripting vulnerability in WordPress versions prior to 6.0.3 allows a remote unauthenticated attacker to inject an arbitrary script. The developer also provides new patched releases for all versions since 3.7. (CVSS:6.1) (EPSS:0.08%) (Last Update:2023-02-03 16:58:22)