0.001 Low
EPSS
Percentile
29.2%
The plugin does not sanitise and escape imported CSV, which could allow attackers to perform Cross-Site Scripting attacks if they can make an admin import a malicious CSV file