CVE-2019-11871 (custom_field_suite)

The Custom Field Suite plugin before 2.5.15 for WordPress has XSS for editors or admins.
Source: NIST
CVE-2019-11871 (custom_field_suite)