CVE-2022-4652
The CVE-2022-4652 entry documents a Stored XSS in the Video Background WordPress plugin for versions prior to 2.7.5. The vulnerability arises because certain shortcode attributes are not validated/escaped before being output, which could allow users with the contributor role and above to inject s...