CVE-2017-18534

The share-on-diaspora plugin before 0.7.2 for WordPress has reflected XSS in share URL parameters.