CVE-2023-5749
The CVE concerns the EmbedPress WordPress plugin before version 3.9.2, which does not sanitise or escape user input before rendering it on a page, causing a Reflected XSS. The issue could be exploited against high-privilege users such as admins. Affected software: EmbedPress WordPress plugin (ver...