CVE-2016-10984

CVE-2016-10984

The echosign plugin before 1.2 for WordPress has XSS via the inc.php page parameter.

Source: CVE-2016-10984