EPSS
Percentile
40.2%
The plugin does not escape a generated URL before outputting it back in an attribute of the history dashboard, leading to Reflected Cross-Site Scripting
https://example.com/wp-admin/edit.php?post_type=wpdmpro&page;=wpdm-stats&type;=history&user;_ids[]=1&">