CVE-2022-1764
The CVE-2022-1764 entry concerns the WP-chgFontSize WordPress plugin (versions ≤ 1.8). The connected documents confirm the underlying issue: lack of CSRF protection when updating settings, allowing a logged-in admin to be targeted via CSRF to change settings and trigger a Stored XSS due to insuff...