CVE-2018-20986
CVE-2018-20986 concerns the WordPress plugin Advanced Custom Fields (vendor: a.k.a. Elliot Condon) prior to version 5.7.8. The vulnerability is an XSS issue reported as “XSS by authors,” indicating that unauthenticated or authenticated users with certain roles may inject and execute client-side s...