Theres a new vulnerability with WordPress.
The vulnerability was discovered by Jouko Pynn√∂nen of Klikki Oy.
Wordpress Team has released a update to solve it.
Update your WordPress immediately!
If your WordPress site allows users to post comments via the WordPress commenting system, you‚Äôre at risk. An attacker could leverage a bug in the way comments are stored in the site‚Äôs database to insert malicious scripts on your site, thus potentially allowing them¬†to infect your visitors with malware, inject SEO spam or even insert backdoor in the site‚Äôs code if the code runs when in a logged-in administrator browser.