Unknown · Popup Maker · CVE-2022-4381
**Name of the Vulnerable Software and Affected Versions**
Popup Maker versions prior to 1.16.9
**Description**
The issue concerns a lack of validation and escaping of a shortcode attribute, potentially allowing users with a role as low as contributor to perform Stored Cross-Site Scripting attacks.
**Recommendations**
For versions prior to 1.16.9, update to version 1.16.9 or later to resolve the issue.