CVE-2022-0449
The CVE-2022-0449 entry refers to the WordPress Flexi – Guest Submit plugin (versions before 4.20). The root cause is failure to sanitize and escape various parameters before outputting them back to pages (e.g., the user dashboard), enabling Reflected Cross-Site Scripting. Impact is reflected XSS...