CVE-2019-17233

Functions/EWD_UFAQ_Import.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows HTML content injection.
Source: NIST
CVE-2019-17233