CVE-2019-15110

The wp-front-end-profile plugin before 0.2.2 for WordPress has XSS.