CVE-2018-0546
CVE-2018-0546 corresponds to a cross-site scripting vulnerability in the WordPress plugin WP All Import, affecting versions prior to 3.4.6. The flaw is in the file upload function and allows an attacker to inject arbitrary script or HTML via unspecified vectors. Public references consistently sta...