indieweb_post_kinds vulnerabilities and exploits

4.3
CVSSv2
CVE-2015-9494

The indieweb-post-kinds plugin before 1.3.1.1 for WordPress has XSS via the genericons/example.html anchor identifier....