WordPress Patches Serious Shortcodes Core Engine Vulnerability – Threatpost

WordPress upgraded to 4.3.1, patching vulnerabilities in the core engine, including a cross-site scripting issue enabled by a vulnerability in shortcodes.

Source: threatpost.com