0.001 Low
EPSS
Percentile
24.8%
The Kunze Law WordPress plugin before 2.1 does not escape its ‘E-Mail Error “From” Address’ settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
wpscan.com/vulnerability/332e1e1e-7420-4605-99bc-4074e212ff9b