EPSS
Percentile
31.7%
The plugin does not sanitise and escape the field_name and field_type parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues
plugins.trac.wordpress.org/changeset/2646017