EPSS
Percentile
47.5%
Cross-site scripting (XSS) vulnerability in the Wordfence Security plugin before 5.1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the val parameter to whois.php.
techdefencelabs.com/security-advisories.html
www.wordfence.com/help/advanced/changelog/