Source: National Vulnerability Database

The User Meta WordPress plugin before 2.4.3 does not sanitise and escape the Form Name, as well as Shared Field Labels before outputting them in the admin dashboard when editing a form, which could allow high privilege users to perform Cross-Site

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0376

91 hits since 2022-05-31

PHP Vulns Source Ratio: 17% (6598 total, 568 propagated, 3299 filtered)