CVE-2013-0734
Multiple cross-site scripting XSS vulnerabilities in the Mingle Forum plugin before 1.0.34 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 searchwords parameter in a search action to wpf.class.php or 2 togroupusers parameter in an addusertogroup action to...