CVE-2017-18502
CVE-2017-18502 affects the WordPress subscriber plugin prior to version 1.3.5. The issue is multiple XSS vulnerabilities in the subscriber plugin, enabling an authenticated attacker to execute arbitrary JavaScript in victims’ browsers (potential cookie/credentials risk) as described in connected ...