EPSS
Percentile
58.6%
The yith-maintenance-mode plugin before 1.2.0 for WordPress has CSRF with resultant XSS via the wp-admin/themes.php?page=yith-maintenance-mode panel_page parameter.
cinu.pl/research/wp-plugins/mail_3a14a77571c73684103e0f517a92d757.html
wordpress.org/plugins/yith-maintenance-mode/#developers
wpvulndb.com/vulnerabilities/8285