CVE-2022-28290
CVE-2022-28290 affects the WordPress Country Selector plugin until version 1.6.5. The vulnerability is a reflected Cross-Site Scripting (XSS) issue where the plugin does not sanitize/escape the country and lang parameters before output, enabling arbitrary script execution in the user’s browser (c...