[ Thanks to Hungry
Hacker for this link. ]
“It has been found that the latest version 3.2.1 of WordPress,
an extremely popular suite of tools for powering blogs, is
vulnerable to XSS injection attack which allows users to inject
malicious JavaScript as a result of failure in sanitizing the
comments field. Without discussing much about what this
vulnerability could do to your blog I will jump to how it works and
the solution.”