CVE-2018-17884
The CVE affects the WordPress Gwolle Guestbook plugin (gwolle-gb) prior to version 2.5.4. Vulnerability: XSS in admin/gb-dashboard-widget.php exploitable via PATH_INFO to wp-admin/index.php. Root cause: improper handling of PATH_INFO leading to script injection in the admin context. Impact: poten...