WordPress My Link Order Plugin <= 4.3 - Cross Site Scripting (XSS)

Because of this XSS vulnerability, authenticated users can inject HTML or JS code. Vulnerable parameters are "cats" and "hdnCatID". Solution Update the plugin...