Two Indian Security Experts : Aditya Modha & Samir Shah from from Net-Square Solutions reveals Zero Day Reflected Cross Site Scripting vulnerability in latest version of wordpress 3.3! The vulnerability exploit the comment feature of WordPress Blog. Following two Steps mentioned in Exploit.step 1: Post a comment to the target website. Replace the value of author tag, email tag, comment tag with the exact value of what has been post in the last comment. Change the. value of comment_post_ID to the value. of post (which can be known by opening that post).
Source: https://thehackernews.com/2012/01/zero-day-reflected-cross-site-scripting.html