0.001 Low
EPSS
Percentile
44.2%
The plugin does not properly sanitize input and escape output in the query string, leading to a Reflected Cross-Site Scripting vulnerability.
www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/shiftcontroller/shiftcontroller-employee-shift-scheduling-4925-reflected-cross-site-scripting-via-query-string