CVE-2018-1000512
Tooltipy (tooltips for WP) plugin, version 5, contains a Cross-Site Scripting (XSS) vulnerability in the Glossary shortcode. The issue could allow an attacker to perform actions comparable to an admin (as described), with exploitation noted as requiring the user to follow a link. The vulnerabilit...