CVE-2017-14724

Before version 4.8.2, WordPress was vulnerable to cross-site scripting in oEmbed discovery. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt