The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=BraftonArticleLoader tab parameter to BraftonAdminPage.php.Referenceshttps://wpvulndb.com/vulnerabilities/8614https://www.openwall.com/lists/oss-security/2016/05/20/5
