CVE-2023-4995

CVE-2023-4995 affects the Embed Calendly plugin for WordPress. The vulnerability is Stored XSS via the calendly shortcode, caused by insufficient sanitization/escaping of shortcode attributes in versions up to 3.6. Authenticated attackers with contributor-level or higher permissions can inject ar...