EPSS
Percentile
22.7%
The plugin does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks woven when unfiltered_html is disallowed