CVE-2019-9870 plugin.js in the w8tcha oEmbed plugin before 2019-03-14 for CKEditor mishandles SCRIPT elements. Source: NIST March 21, 2019 by admin Uncategorized