Reflected Cross-Site Scripting (XSS) vulnerability discovered by apple502j in WordPress Better Find and Replace plugin (versions <= 1.2.8).
Update the WordPress Better Find and Replace plugin to the latest available version (at least 1.2.9).