CVE-2023-2964 Information

Description

The Simple Iframe WordPress plugin before 1.2.0 does not properly validate one of its WordPress block attribute’s content which may allow users whose role is at least that of a contributor to conduct Stored Cross-Site Scripting attacks.

Reference

https://wpscan.com/vulnerability/97aac334-5323-41bb-90f0-d180bcc9162f