CVE-2022-2409

The Rough Chart WordPress plugin (versions up to 1.0.0) contains an authentication-restricted stored Cross-Site Scripting (XSS) vulnerability caused by improper escaping of chart data labels. This allows high-privilege users to execute XSS, even when unfiltered_html is disallowed; exploitation re...