CVE-2022-4648
CVE-2022-4648 affects the Real Testimonials WordPress plugin prior to 2.6.0. The vulnerability arises because the plugin does not validate and escape certain shortcode attributes before output, enabling Stored Cross-Site Scripting that can-impact high-privilege users (admins) when exploited by us...