CVE-2022-0647
CVE-2022-0647 concerns the WordPress plugin Bulk Creator (versions up to 1.0.1). The vulnerability is a straightforward Reflected Cross-Site Scripting caused by the plugin failing to sanitize and escape the post_type parameter before echoing it back on an admin page. The root cause, as described ...