CVE-2016-11001 (user_submitted_posts)

The user-submitted-posts plugin before 20160215 for WordPress has XSS via the user-submitted-content field.

View Full Alert