CVE-2022-1645
CVE-2022-1645 affects the WordPress Amazon Link plugin up to version 3.2.10. The vulnerability stems from inadequate sanitisation/escaping of certain settings, enabling stored Cross-Site Scripting by high-privilege users (e.g., admins) even when unfiltered_html is disallowed. Multiple sources (NV...