CVE-2022-1335 Information

Description

The Slideshow CK WordPress plugin before 1.4.10 does not sanitize and escape Slide’s descriptions which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed

Reference

https://wpscan.com/vulnerability/cfc80857-8674-478f-9604-7a8849e5b85e