CVE-2017-18492

The contact-form-to-db plugin before 1.5.7 for WordPress has multiple XSS issues.