CVE-2015-9421
The CVE refers to the Olevmedia Shortcodes WordPress plugin. It is affected by a CSRF-induced XSS vulnerability in versions before 1.1.9, exploitable via wp-admin/admin-ajax.php?action=omsc_popup id parameter. The issue arises from a CSRF weakness that can trigger script execution in the context ...