CVE-2022-1208
The CVE-2022-1208 entry concerns the WordPress Ultimate Member plugin. A stored cross-site scripting (XSS) flaw exists in the Biography field on individual user profile pages due to insufficient input sanitization and output escaping, allowing HTML-encoded scripts to be reflected on the page. Aff...