EPSS
Percentile
42.5%
The plugin does not sanitise and escape some parameters, and is missing proper authorisation, which could allow any authenticated users, such as subscriber to perform Cross-Site Scripting attacks