The issue can be found in the way Akismet deals with hyperlinks present inside the site's comments, which could allow an unauthenticated attacker with good knowledge of WordPress internals to insert malicious scripts in the Comment section of the administration panel. An attack like this could lead to multiple exploitation scenarios, including a full site compromise.
More details on this security advisory can be found here:
Being proactive in the protection of your site is one of the most important aspects of having a solid security posture. Therefore, we feel it's important to research and report on all potential threats as quickly as possible.
"I needed a team and a product like the firewall Sucuri offers, which automatically blocks anything malicious. Because of the popularity of the site, List25.com, we cannot afford the site to go down. We changed hosting providers and then turned on the Sucuri Web Application Firewall layer that sits on top at the DNS level. Before using Sucuri I had to mitigate these attacks myself, but now that I'm using Sucuri I don't have to do any of that and that is a big stress reliever for me."