CVE-2024-0383
WP Recipe Maker for WordPress (plugin, up to version 9.1.0) is affected by a Stored XSS due to insufficient restrictions on the group_tag attribute in the wprm-recipe-instructions and wprm-recipe-ingredients shortcodes. Exploitation requires authentication at Contributor level or higher; an attac...