CVE-2022-2398 Information

Description

The WordPress Comments Fields WordPress plugin before 4.1 does not escape Field Error Message which could allow high-privileged users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed

Reference

https://wpscan.com/vulnerability/0a218789-9a78-49ca-b919-fa61d33d5672