WP-CopyProtect <= 3.0.0 - CSRF & Stored Cross-Site Scripting (XSS)
The WP-CopyProtect Protect your blog posts plugin for WordPress is vulnerable to a Persistent XSS attack on the settings screen, due to a lack of sanitation of user input, and lack of Cross-Site Request Forgery CSRF token nonce. alert1'/ document.getElementById"form".submit;...