WordPress · Wordpress · CVE-2015-3440
**Name of the Vulnerable Software and Affected Versions**
WordPress versions prior to 4.2.1
**Description**
A cross-site scripting (XSS) issue exists due to improper storage of long comments in the MySQL database, allowing remote attackers to inject arbitrary web script or HTML.
**Recommendations**
For versions prior to 4.2.1, update to version 4.2.1 or later to resolve the issue.