WordPress Monkee-Boy Essentials plugin <= 1.1 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

[jesscanales]

Describe the bug
WordPress Monkee-Boy Essentials plugin <= 1.1 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

https://patchstack.com/database/vulnerability/monkee-boy-wp-essentials/wordpress-monkee-boy-essentials-plugin-1-1-authenticated-author-stored-cross-site-scripting-vulnerability?_a_id=431

[jesscanales]

Sites with the plugin (I will add to this as I find them):
https://www.clicktobuyservices.com
https://www.graybecker.com/
https://mccourtequipment.com/
https://bcjpd.org/
https://texasfarmcredit.com
https://cave-holdings.com
https://www.thehobbycenter.org