CVE-2022-4649
CVE-2022-4649 affects the WordPress plugin “WP Extended Search” (before 2.1.2). The vulnerability is a failure to validate and escape a shortcode attribute, enabling a Stored Cross-Site Scripting (XSS) attack. Impact can be executed by users with as little as Contributor privileges (attack requir...