0.001 Low
EPSS
Percentile
21.7%
The extension fails to properly encode user input for output in HTML context. Also the extension fails to implement a CSRF protection for update profile plugin.