CVE-2022-2170
CVE-2022-2170 affects the WordPress Microsoft Advertising Universal Event Tracking (UET) plugin prior to 1.0.4. The root cause is insufficient sanitisation/escaping of plugin settings, enabling stored XSS by high-privilege users (e.g., admins) and potentially leaking content to the front page. Re...