Never5 ≫ Post Connector

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Never5 Post Connector plugin <= 1.0.9 versions.

The Post Connector plugin before 1.0.4 for WordPress has XSS via add_query_arg() and remove_query_arg().