EPSS
Percentile
58.8%
The user-submitted-posts plugin before 20160215 for WordPress has XSS via the user-submitted-content field.
wordpress.org/plugins/user-submitted-posts/#developers
www.securityfocus.com/archive/1/537616/30/0/threaded