CVE-2015-9440

The monetize plugin through 1.03 for WordPress has CSRF with resultant XSS via wp-admin/admin.php?page=monetize-zones-new.
Source: NIST
CVE-2015-9440