WordPress · Democracy-Poll · CVE-2017-18520
**Name of the Vulnerable Software and Affected Versions**
democracy-poll plugin versions prior to 5.4
**Description**
The issue affects the democracy-poll plugin for WordPress, allowing for cross-site scripting (XSS) attacks. This is due to a flaw in the `update l10n` function within the `admin/class.DemAdminInit.php` file.
**Recommendations**
For versions prior to 5.4, update the democracy-poll plugin to version 5.4 or later to resolve the issue.