WordPress MaxA/B plugin <= 2.2.2 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in maxfoundry MaxA/B maxab allows Stored XSS.This issue affects MaxA/B: from n/a through <= 2.2.2.