The plugin does not sanitise and escape plugin settings which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Plugin settings > Style Settings > button border radius (or other field) put to input field: </style><script>alert('XSS');</script><!-- Plugin settings > Text & localizations > Title of login form put to input field: <script>alert('XSS');</script>
Michal Lipinski
Michal Lipinski
Yes
2022-07-05 (about 11 months ago)
2022-07-05 (about 11 months ago)
2023-04-08 (about 1 months ago)