WordPress 4.2 stored XSS


#1

Update to 4.2.1 now or disable comments

http://seclists.org/fulldisclosure/2015/Apr/84