0.003 Low
EPSS
Percentile
70.0%
Lack of CSRF checks and sanitisation on the plugin’s settings page could allow XSS attacks via CSRF.
zeroauth.ltd/blog/2020/01/17/cve-2020-6849-marketo-forms-and-tracking-wordpress-plugin-vulnerable-to-csrf-leading-to-xss-attack/