CVE-2022-3618
The Spacer WordPress plugin, versions prior to 3.0.7, contains a stored XSS vulnerability due to insufficient sanitization/escaping of certain settings. This could allow high-privilege users (e.g., admins) to inject scripts, even when unfiltered_html is disallowed (such as in multisite configurat...