CVE-2017-18608 (spot.im_comments)

The spotim-comments plugin before 4.0.4 for WordPress has multiple XSS issues.
Source: NIST
CVE-2017-18608 (spot.im_comments)