CVE-2022-1156
Affected software: WordPress Books & Papers plugin (version 0.20210223 and earlier). Vulnerability: Stored Cross-Site Scripting due to not escaping the Custom DB prefix settings, enabling high-privilege users to trigger XSS when unfiltered_html is disallowed. Exploitation: Several sources describ...