EPSS
Percentile
31.7%
Reflected Cross-Site Scripting (XSS) vulnerability discovered by Krzysztof Zając in WordPress myCred plugin (versions <= 2.3.2).
Update the WordPress myCred plugin to the latest available version (at least 2.4).
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25015
wordpress.org/plugins/mycred/#developers
wpscan.com/vulnerability/7608829d-2820-49e2-a10e-e93eb3005f68