Description The plugin does not properly escape data input provided to some of its blocks, allowing using with at least contributor privileges to conduct Stored XSS attacks.
As a contributor, put the below code in a post while in Code Editor mode The XSS will be triggered when viewing/previewing the post
CPE | Name | Operator | Version |
---|---|---|---|
eq | 3.1.3 |