CVE-2022-3391
CVE-2022-3391 affects the Retain Live Chat WordPress plugin up to version 0.1. The issue is a failure to sanitize and escape certain settings, enabling stored cross-site scripting (XSS) by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (including multisite setups). Ro...