The Newsletter Popup WordPress plugin through 1.2 does not sanitise and escape some parameters, which could allow unauthenticated visitors to perform Cross-Site Scripting attacks against adminsCreditsBob MatyasWPScanReferenceshttps://wpscan.com/vulnerability/f4047f1e-d5ea-425f-8def-76dd5e6a497e/
