CVE-2022-2152
CVE-2022-2152 affects the WordPress plugin Duplicate Page and Post, prior to version 2.8. The issue is that the plugin does not sanitize or escape its settings, enabling stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed. Remediation: update to version 2.8 o...