CVE-2023-3492
CVE-2023-3492 affects the WP Shopping Pages WordPress plugin up to version 1.14. The vulnerability arises from missing CSRF checks, insufficient sanitisation and escaping, enabling an authenticated attacker to trigger a Stored XSS payload in a logged-in admin account via CSRF. The connected Red H...