CVE-2022-2371
The CVE-2022-2371 entry concerns the YaySMTP WordPress plugin (before 2.2.1). The vulnerability arises from improper authorization when saving settings, allowing users with a role as low as subscriber to modify settings and trigger a Stored Cross-Site Scripting (XSS) due to insufficient escaping....