CVE-2018-7197
CVE-2018-7197 affects Pluck up to version 4.7.4. It is a stored XSS vulnerability in the admin/blog Reaction Comments path that allows remote, unauthenticated users to inject arbitrary web script or HTML via a crafted URL. The connected documents confirm the issue and its exploitation vector but ...