An authenticated cross-site scripting (XSS) vulnerability has been discovered in in WordPress before 4.7.3 (wp-includes/embed.php) via YouTube URL Embeds.
An authenticated cross-site scripting (XSS) vulnerability has been discovered in in WordPress before 4.7.3 (wp-includes/embed.php) via YouTube URL Embeds.
https://github.com/WordPress/WordPress/commit/419c8d97ce8df7d5004ee0b566bc5e095f0a6ca8