CVE-2017-14720

CVE-2017-14720

Before version 4.8.2, WordPress allowed a Cross-Site scripting attack in the template list view via a crafted template name.