Source: National Vulnerability Database

The BannerMan WordPress plugin through 0.2.4 does not sanitize or escape its settings, which could allow high-privileged users to perform Cross-Site Scripting attacks when the unfiltered_html is disallowed (such as in multisite)

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1275

114 hits since 2022-05-31

PHP Vulns Source Ratio: 17% (6700 total, 569 propagated, 3350 filtered)