CVE-2022-40963 - Multiple Auth. Stored Cross-Site Scripting (XSS) Flaws in WP Page Builder Plugin (<= 1.2.6) on WordPress
WordPress has millions of installs, so plugins are a favorite target for attackers. A serious set of vulnerabilities—now assigned CVE-2022-40963—was found in the