The Newsletter Popup WordPress plugin through 1.2 does not sanitise and escape some of its settings, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacksCreditsLana CodesWPScanReferenceshttps://wpscan.com/vulnerability/fed1e184-ff56-44fe-9876-d17c0156447a
