The plugin does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting, which could be used against high-privilege users such as administrators.
View the template here: CVE-2023-27922.yaml
References:
https://wpscan.com/vulnerability/eb6ff6f0-60fe-4345-b443-97fd4800418c