CVE-2022-4226
CVE-2022-4226 affects the WordPress plugin Simple Basic Contact Form prior to version 20221201. The vulnerability arises because the plugin does not sanitize or escape certain settings, enabling Stored XSS where high-privilege users (e.g., admins) could execute scripts, even if unfiltered_html is...