The Logo Slider WordPress plugin before 4.5.0 does not sanitise and escape some of its Logo and Slider settings, which could allow high privilege users such as Contributor to perform Stored Cross-Site ScriptingCreditsDmitrii IgnatyevWPScanReferenceshttps://wpscan.com/vulnerability/1304c2b6-922d-455e-bae8-d6bf855eddd9/