There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.Referenceshttps://www.exploit-db.com/exploits/45434/https://wordpress.org/plugins/bft-autoresponder/http://www.vapidlabs.com/advisory.php?v=203
