CVE-2022-1781
The CVE-2022-1781 entry concerns the WordPress plugin postTabs (versions up to 2.10.6). The root cause is missing CSRF protection when updating settings, which can allow a logged-in attacker to perform a CSRF attack to change settings. This action can also lead to Stored XSS due to lack of saniti...