CVE-2022-1894 Information

Description

The Popup Builder WordPress plugin before 4.1.11 does not escape and sanitize some settings which could allow high privilege users to perform Stored Cross-Site Scripting attacks when the unfiltred_html is disallowed

Reference

https://wpscan.com/vulnerability/68af14ef-ca66-40d6-a1e5-09f74e2cd971