WordPress CevHerShare Plugin CSRF to Persistent XSS — Jetpack Security incorrect