CVE-2022-4834

The CVE-2022-4834 entry concerns the WordPress plugin CPT Bootstrap Carousel (versions up to 1.12). The vulnerability is a Stored Cross-Site Scripting (Stored XSS) flaw where certain shortcode attributes are not validated or escaped before being output, allowing a low-privilege user (Contributor)...