CVE-2022-2407
The CVE-2022-2407 affects the WP phpMyAdmin WordPress plugin prior to version 5.2.0.4. The issue is that certain settings are not escaped, which could allow high-privilege users (e.g., admins) to perform Stored Cross-Site Scripting when the unfiltered_html capability is disallowed (as in multisit...