CVE-2023-0067
CVE-2023-0067 affects the Timed Content WordPress plugin prior to 2.73. Root cause: shortcode attributes are not validated/escaped before output, enabling stored XSS for users with the contributor role or higher on pages/posts containing the shortcode. Impact is stored, client-side script executi...