CVE-2017-17719
CVE-2017-17719 concerns the wp-concours WordPress plugin (versions up to 1.1). The vulnerability is a cross-site scripting (XSS) flaw in wp-concours/includes/concours_page.php: a user-controlled value from $_REQUEST['result_message'] is stored in $message_str and echoed back to the page without p...