CVE-2022-3440 (rock_convert)

CVE-2022-3440 (rock_convert)

The Rock Convert WordPress plugin before 2.11.0 does not sanitise and escape an URL before outputting it back in an attribute when a specific widget is present on a page, leading to a Reflected Cross-Site ScriptingRead More