CVE-2022-2374
The CVE-2022-2374 entry concerns the WordPress plugin Simply Schedule Appointments (pre-1.5.7.7). The vulnerability arises because some plugin settings are not properly sanitised/escaped, enabling Stored Cross-Site Scripting (XSS) by high-privilege users (e.g., admins), even if unfiltered_html is...