CVE-2023-1614
CVE-2023-1614 affects the WordPress plugin WP Custom Author URL (pre-1.0.5). The vulnerability stems from insufficient sanitization/escaping of certain plugin settings, enabling Stored Cross-Site Scripting by high-privilege users (e.g., admins) even when unfiltered_html is disallowed. Public deta...