CVE-2022-0423
CVE-2022-0423 affects the WordPress 3D FlipBook plugin up to version 1.12.0 (versions before 1.12.1). The root cause is missing authorization checks, CSRF protection, and input sanitisation/escaping during settings updates, allowing authenticated users (e.g., subscribers) to perform stored Cross-...