National Cyber Awareness System:01/06/2016 06:14 PM EST
Original release date: January 06, 2016
WordPress 4.4 and prior versions contain a cross-site scripting vulnerability. Exploitation of this vulnerability could allow a remote attacker to take control of an affected website.
Users and administrators are encouraged to review the WordPress Security and Maintenance Release and upgrade to WordPress 4.4.1.
A copy of this publication is available at www.us-cert.gov. If you need help or have questions, please send an email to firstname.lastname@example.org. Do not reply to this message since this email was sent from a notification-only address that is not monitored. To ensure you receive future US-CERT products, please add US-CERT@ncas.us-cert.gov to your address book.
OTHER RESOURCES: Contact Us | Security Publications | Alerts and Tips | Related Resources