A new XSS exploit vulnerability in WordPress was recently reported which could allow an unauthenticated attacker to inject JavaScript into comments.