CVE-2018-20978
CVE-2018-20978 affects the WordPress wp-all-import plugin for versions prior to 3.4.7. The vulnerability is a cross-site scripting (XSS) flaw caused by insufficient validation of client-supplied data in the plugin, enabling an attacker to run malicious script in a victim’s browser. Public records...