Product
The RPB Chessboard plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) due to insufficient input sanitization and output escaping within its comment content functionality, allowing unauthenticated attackers to inject arbitrary web scripts that execute when a user views the affected page, bypassing WordPress's default kses sanitization.