2 matches found
CVE-2023-5704
CVE-2023-5704 refers to the CPO Shortcodes plugin for WordPress (versions
CVE-2022-40672
CVE-2022-40672 corresponds to an authenticated (admin+) Stored XSS vulnerability in the WordPress CPO Shortcodes plugin, affecting versions prior to 1.5.0. The core issue is lack of proper filtering/escaping of user-supplied data in the plugin, enabling stored XSS when an admin-user interacts wit...