CVE-2015-9469

The content-grabber plugin 1.0 for WordPress has XSS via obj_field_name or obj_field_id.
Source: NIST
CVE-2015-9469