CVE-2023-0539
The CVE details a Stored Cross-Site Scripting (XSS) in the GS Insever Portfolio WordPress plugin. Affected software: GS Insever Portfolio WordPress plugin versions prior to 1.4.5. Root cause: the plugin fails to validate and escape certain shortcode attributes before output, enabling an attacker ...