CVE-2022-1393
Affected software: WordPress WP Subtitle plugin (versions before 3.4.1). Vulnerability type: stored cross-site scripting (XSS) via the subtitle field stored in post meta. Root cause / mechanism: the subtitle is saved in the post meta key wps_subtitle; while sanitization occurs on normal post save...