CVE-2023-48765
CVE-2023-48765 affects the WordPress plugin Email Address Encoder. An improper input sanitization/output escaping in the eae_shortcode attribute allows Stored XSS in versions up to and including 1.0.22. Exploitation requires an authenticated user with Contributor+ privileges. The issue is mitigat...