CVE-2022-4448
CVE-2022-4448 affects the GiveWP WordPress plugin prior to version 2.24.0. The issue is improper validation/escaping of shortcode attributes before output, enabling Stored XSS for users with the contributor role or higher when the shortcode is embedded in a page/post. Impact is stored XSS with ac...