The Bug Library WordPress plugin prior to 2.one.2 would not sanitise and escape some of its configurations, which could permit superior privilege users including admin to perform Stored Cross-web site Scripting attacks https://prbookmarkingwebsites.com/story19904312/the-smart-trick-of-k-smart-that-nobody-is-discussing
