CVE-2023-0364
The CVE-2023-0364 issue affects real.Kit WordPress plugin prior to 5.1.1, where certain shortcode attributes are not validated/escaped before output, enabling Stored XSS for users with the contributor role and above. The vulnerability is triggered when the plugin’s shortcode is embedded in a post...