WordPress Core, a content management system, is vulnerable to a type of attack known as cross-site scripting. This means that attackers with certain permissions could inject malicious code into pages on the website. This malicious code would execute whenever someone accesses the page, potentially stealing private information or corrupting the website. This vulnerability affects all versions of WordPress Core up to and including version 6.2.