CVE-2022-4306

Name of the Vulnerable Software and Affected Versions The Panda Pods Repeater Field WordPress plugin versions prior to 1.5.4

Description The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitized and escaped before being outputted back in the page. This could be exploited against a user with at least Contributor permission.

Recommendations For versions prior to 1.5.4, update to version 1.5.4 or later to resolve the issue. As a temporary workaround, consider restricting access to users with Contributor permission or higher until the update is applied.