EPSS
Percentile
35.5%
The plugin exposes sensitive information to unauthenticated users such as site visitors emails and usernames via an API route
www.wordfence.com/vulnerability-advisories/#CVE-2022-1186