CVE-2022-0898
CVE-2022-0898 affects the IgniteUp WordPress plugin up to version 3.4.1. The vulnerability arises from insufficient sanitization/escaping of certain fields when high-privilege users lack the unfiltered_html capability, enabling a Stored Cross-Site Scripting (XSS) scenario on admin-facing template...