CVE-2015-9391 (yawpp)

The yawpp plugin through 1.2.2 for WordPress has XSS via the field1 parameter.
Source: NIST
CVE-2015-9391 (yawpp)