2017-09-23 20:00:00
mitre
PUBLISHED
Before version 4.8.2, WordPress allowed a Cross-Site scripting attack in the template list view via a crafted template name.