Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) discovered by Kaustubh G. Padwad in WordPress ClickBank Affiliate Ads plugin (versions <= 1.20).
Update the WordPress ClickBank Affiliate Ads plugin to the latest available version (at least 1.35).