CVE-2022-0648
CVE-2022-0648 concerns the WordPress plugin “Team Circle Image Slider With Lightbox” (before version 1.0.16). The vulnerability arises because the plugin does not sanitize and escape the order_pos parameter before outputting it back in an admin page, enabling a reflected Cross-Site Scripting (XSS...