CVE-2023-5125
CVE-2023-5125 affects the WordPress plugin Contact Form by FormGet. It is a stored XSS via the formget shortcode in versions up to 5.5.5 due to insufficient input sanitization and output escaping on user-supplied attributes. Authenticated attackers with contributor-level permissions can inject ar...