CVE-2017-14721
CVE-2017-14721 affects WordPress prior to 4.8.2. The vulnerability is an cross-site scripting (XSS) flaw in the plugin editor introduced by a crafted plugin name, enabling an attacker to inject script in the context of an authenticated/unauthenticated user depending on context. The root cause is ...