CVE-2023-2009
The CVE-2023-2009 entry concerns the Pretty Url WordPress plugin, affected up to version 1.5.4. The vulnerability stems from the plugin’s failure to sanitize and escape the URL field in its settings, enabling stored XSS by high-privilege authenticated users, even when unfiltered_html is disallowe...