CVE-2023-0033

Name of the Vulnerable Software and Affected Versions PDF Viewer WordPress plugin versions prior to 1.0.0

Description The issue concerns a lack of validation and escaping of a shortcode attribute in the PDF Viewer WordPress plugin, potentially allowing users with a role as low as contributor to perform a Stored Cross-Site Scripting attack.

Recommendations For versions prior to 1.0.0, update to version 1.0.0 or later to resolve the issue.