Description
WordPress before 5.2.3 allows XSS in shortcode previews.
Remediation
References
Related Vulnerabilities
WordPress Plugin Magee Shortcodes Cross-Site Scripting (1.6.3)
WordPress Plugin Video.js-HTML5 Video Player for Wordpress Cross-Site Scripting (4.5.0)
WordPress Plugin oQey Headers 'oqey_settings.php' SQL Injection (0.3)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1559)