CVE-2016-11012

CVE-2016-11012

The sola-support-tickets plugin before 3.13 for WordPress has incorrect access control for /wp-admin with resultant XSS.

Source: CVE-2016-11012