Authenticated Reflected Cross-Site Scripting (XSS) vulnerability found by ZeroAptitude in WordPress Subscribe Sidebar plugin (versions <= 1.3.1).
2020-12-28 - we were unable to find a patched version of this plugin.
Notice from WordPress.org: “This plugin has been closed as of June 23, 2020 and is not available for download. Reason: Security Issue.”