CVE-2023-3746 Information

Description

The ActivityPub WordPress plugin before 1.0.0 does not sanitize and escape some data from post content which could allow contributor and above role to perform Stored Cross-Site Scripting attacks

Reference

https://wpscan.com/vulnerability/c15a6032-6495-47a8-828c-37e55ed9665a