CVE-2022-3834
The CVE-2022-3834 entry concerns the WordPress Google Forms plugin (versions ≤ 0.95). The vulnerability arises because the plugin does not sanitize/escape certain settings, enabling Stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (such as in multisite). A...