CVE-2018-5654
CVE-2018-5654 concerns the WordPress plugin weblizar-pinterest-feeds (version 1.1.1). The issue is a cross-site scripting (XSS) vulnerability exploitable through the wp-admin/admin-ajax.php endpoint via the PFFREE_Access_Token parameter. All connected sources identify an XSS in this plugin, with ...