Find real vulnerabilities before they ship
Vulnerability Database › packagist › CVE-2018-5365
The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[selector_wp_list_pages][show_selector] parameter to wp-admin/options.php.
Base Score