WP-Optimize < 3.2.13 is vulnerable to Reflected XSS vulnerability

The WP-Optimize plugin and SrbTransLatin plugin for WordPress are vulnerable to Cross-Site Scripting via the 's' parameter in WP-Optimize in versions up to 3.2.12 and via post content in SrbTransLatin in versions up to, and including, 2.4 due to a third party library that strips some escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.