## https://sploitus.com/exploit?id=WPEX-ID:A6C2DA28-DC03-4BCC-A6C3-EE55A73861DB
- Create/edit a Notification (https://example.com/wp-admin/post-new.php?post_type=easynotify)
- Put the following payload in the "Text Header", "Main Text" or any of the "Bullet List" fields: "><img src onerror=alert(/XSS/)>
- The XSS will be triggered when saving/submitting for review, when another user will edit the notification as well as when previewing it (via the Preview feature offered by the plugin, not the usual post preview)
Note: version 1.1.31 patch did not fully fix the issue as a payload like text" onmouseover="alert(/XSS/); would work in some of the affected fields