CVE-2018-5366by Jeremyin Security Bulletinson Posted on January 12, 2018 The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[more_languages] parameter to wp-admin/options.php.