CVE-2022-3132
The CVE-2022-3132 entry concerns the Goolytics WordPress plugin before 1.1.2. The issue is that the plugin does not sanitize and escape some settings, enabling Cross-Site Scripting by high-privilege users even when unfiltered_html is disallowed. Root cause: insufficient sanitization/escaping in t...