cpe:/a:wpscoop:imageinject:1.15::~~~wordpress~~ CVE-2018-5285 2018-01-08T02:29:00.260-05:00 2018-01-29T07:32:17.497-05:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2018-01-23T12:30:28.550-05:00 MISC https://github.com/d4wner/Vulnerabilities-Report/blob/master/ImageInject.md MISC https://wordpress.org/support/topic/stored-xss-csrf-bug-at-the-latest-version-of-imageinject/ MISC https://wpvulndb.com/vulnerabilities/8994 The ImageInject plugin 1.15 for WordPress has CSRF via wp-admin/options-general.php.