CVE-2022-27859 – WordPress Travel Management plugin <= 2.0 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities

https://notcve.org/view.php?id=CVE-2022-27859

14 Jun 2022 — Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Nicdark d.o.o. Travel Management plugin <= 2.0 at WordPress. Múltiples vulnerabilidades de tipo Cross-Site Scripting (XSS) Autenticado (rol de colaborador o usuario superior) Almacenado en el plugin Nicdark d.o.o. Travel Management versiones anteriores a 2.0 incluyéndola, en WordPress • https://patchstack.com/database/vulnerability/nd-travel/wordpress-travel-management-plugin-2-0-multiple-authenticated-stored-cross-site-scripting-xss-vulnerabilities • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •