As there is still no fix from upstream I created a quick'n'dirty fix for it: https://gist.github.com/hannob/a07f7b7e196c75c4c1a8 https://files.hboeck.de/wordpress-4.2-emergency-fix-xss.diff
It certainly doesn't comply with any coding style or anything :-) but it should protect you for now. -- Hanno Böck http://hboeck.de/ mail/jabber: ha...@hboeck.de GPG: BBB51E42
pgpdtp4yl7g2c.pgp
Description: OpenPGP digital signature
_______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
