0.001 Low
EPSS
Percentile
29.3%
The eID Easy WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the error parameter found in the ~/admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 4.6.
plugins.trac.wordpress.org/browser/smart-id/trunk/admin.php?rev=2451347
www.wordfence.com/vulnerability-advisories/