CVE-2017-18567
CVE-2017-18567 affects the WordPress wp-all-import plugin prior to 3.4.6, where an XSS vulnerability exists in input handling due to lack of proper validation of client-side data. This could allow attacker-controlled script execution when processing imported XML/CSV data. A fix is available in ve...