We just learned of a reflected XSS vulnerability in WordPress 3.3 via the comments form (wp-comments.php). It is explained in detail here. The disclosed vulnerability can only be triggered via Internet Explorer according to the disclosing party, our tests lead to the same result. To further note, this is hard to reproduce because it does [...]
See More..
