Source: National Vulnerability Database

The WP HTML Author Bio WordPress plugin through 1.2.0 does not sanitise the HTML allowed in the Bio of users, allowing them to use malicious JavaScript code, which will be executed when anyone visit a post in the frontend made by such user. As a result,

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24545

65 hits since 2021-10-13

PHP Vulns Source Ratio: 13% (4484 total, 299 propagated, 2242 filtered)