EPSS
Percentile
19.6%
The plugin does not escape page/post and media titles, which could allow attackers to perform Stored XSS attacks when another plugin/theme allowing low privilege users to modify such titles is active on the blog as well