Reflected Cross-Site Scripting (XSS) vulnerability discovered by ZhongFu Su aka JrXnm (WuHan University) in WordPress Popup Anything plugin (versions <= 2.1.6).
Update the WordPress Popup Anything plugin to the latest available version (at least 2.1.7).