Source: National Vulnerability Database

The IMDB info box WordPress plugin through 2.0 does not sanitize and escape some of its settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1294

98 hits since 2022-05-31

PHP Vulns Source Ratio: 17% (6794 total, 571 propagated, 3397 filtered)

Browse PHP Advisory