CVE-2022-4562
CVE-2022-4562 affects the Meks Flexible Shortcodes WordPress plugin prior to 1.3.5. The root cause is failure to validate and escape certain shortcode attributes in output, enabling Stored XSS when exploited by users with as low as Contributor; admins and high-privilege users are at risk. Multipl...