CVE-2022-3462
CVE-2022-3462 affects the Highlight Focus WordPress plugin (versions ≤ 1.1). The issue arises from insufficient sanitization/escape of plugin settings, enabling high-privilege users (e.g., admins) to perform Stored XSS even when unfiltered_html is disallowed (multisite scenarios). Exploitation de...