CVE-2023-6446
CVE-2023-6446 affects the WordPress Calculated Fields Form plugin up to version 1.2.40, enabling Stored XSS via admin settings due to insufficient input sanitization and output escaping. Exploitation requires administrator-level access and may impact multi-site installations where unfiltered_html...