CVE-2015-9441

The bookmarkify plugin 2.9.2 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=bookmarkify.php.
Source: NIST
CVE-2015-9441