CVE-2015-9321

CVE-2015-9321

The shortcode-factory plugin before 1.1.1 for WordPress has XSS via add_query_arg.

Source: CVE-2015-9321