https://blog.anantshri.info/temp_fix_wordpress_comment_xss
Today there was a 0Day attack released in Full-disclosure which affected multiple versions of WordPress.
I have written an Nginx configuration which acts as a server-side fix for the attack, which should hold the attacker till we receive an official fix from the WordPress team.
Comments, criticism, bricks, bats welcome.
Updated 27 Apr 2015, 16:26