CVE-2023-6290 Information

Description

The SEOPress WordPress plugin before 7.3 does not sanitise and escape some of its settings which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed

Reference

https://wpscan.com/vulnerability/78a13958-cd12-4ea8-b326-1e3184da970b/