EPSS
Percentile
10.5%
The plugin does not validate a parameter before using it in an include statement, allowing any authenticated users, such as subscriber to perform LFI attacks