CVE-2023-0033
The CVE-2023-0033 entry concerns the PDF Viewer WordPress plugin (versions before 1.0.0). The issue is a failure to validate/escape a shortcode attribute, enabling Stored Cross-Site Scripting for users with a role as low as contributor. Affected component: shortcode handling in the plugin; root c...