WordPress < 3.9.5 / 4.1.x < 4.1.4 / 4.2.x < 4.2.1 Comments Stored XSS
Medium Nessus Network Monitor Plugin ID 9027
SynopsisThe remote server is hosting an outdated installation of WordPress that is affected by a cross-site scripting vulnerability.
SolutionUpgrade to WordPress 4.2.1, or later. If 4.2.x cannot be obtained, 4.1.4 was also patched for this vulnerability.\n\nAs a workaround, disable comments and do not approve any comments.