The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[browser_redirect][redirect_by_language] parameter to wp-admin/options.php.
https://wpvulndb.com/vulnerabilities/9003
https://github.com/d4wner/Vulnerabilities-Report/blob/master/wpglobus.md