CVE-2018-16254

CVE-2018-16254

There is an XSS vulnerability in WP All Import plugin 3.4.9 for WordPress via action=options.

Source: CVE-2018-16254