CVE-2023-5292
The CVE-2023-5292 entry concerns the WordPress plugin Advanced Custom Fields: Extended, with stored XSS via the acfe_form shortcode in versions up to and including 0.8.9.3. The issue results from insufficient input sanitization and output escaping on user-supplied attributes, enabling authenticat...