CVE-2018-21012

The cf7-invisible-recaptcha plugin before 1.3.2 for WordPress has XSS.
Source: NIST
CVE-2018-21012