CVE-2018-5363

CVE: CVE-2018-5363
Published: 2018-01-12T09:29Z
Vendor: wpglobus
Products: wpglobus
Versions: 1.9.6,
Description Language: en
Description: The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[enabled_languages][en] or wpglobus_option[enabled_languages][fr] (or any other language) parameter to wp-admin/options.php.
References:
https://github.com/d4wner/Vulnerabilities-Report/blob/master/wpglobus.md
https://wpvulndb.com/vulnerabilities/9003