CVE-2022-0399
The CVE-2022-0399 entry concerns the WordPress plugin Advanced Product Labels for WooCommerce (versions before 1.2.3.7). The issue is a Reflected Cross‑Site Scripting (XSS) caused by insufficient sanitization/escaping of the tax_color_set_type parameter in the berocket_apl_color_listener AJAX res...