Persistent XSS 0day in WordPress

Theres a new vulnerability with WordPress.
The vulnerability was discovered by Jouko Pynnönen of Klikki Oy.
Wordpress Team has released a update to solve it.
Update your WordPress immediately!


Who’s affected

If your WordPress site allows users to post comments via the WordPress commenting system, you’re at risk. An attacker could leverage a bug in the way comments are stored in the site’s database to insert malicious scripts on your site, thus potentially allowing them to infect your visitors with malware, inject SEO spam or even insert backdoor in the site’s code if the code runs when in a logged-in administrator browser.