CVE-2022-1938
The CVE CVE-2022-1938 affects the WordPress Awin Data Feed plugin prior to version 1.8. The issue is improper sanitisation/escaping of a header when processing requests to generate analytics data, enabling Stored Cross-Site Scripting (Stored XSS) by unauthenticated users that can affect a logged-...