EPSS
Percentile
22.7%
The plugin does not sanitise and escape multiple of its settings, which could allow high privileged users such as admin to perform Cross-Site Scripting attack when the unfiltered_html is disallowed
www.hackpertise.com/cve/35-cve-2021-36828/