The Gwolle Guestbook WordPress plugin was affected by an Unauthenticated Stored Cross-Site Scripting (XSS) security vulnerability.
seclists.org/fulldisclosure/2017/Feb/87
sumofpwn.nl/advisory/2016/cross_site_scripting_vulnerability_in_gwolle_guestbook_wordpress_plugin.html