EPSS
Percentile
30.0%
The plugin does not sanitise and escape various parameters before outputting them back in attributes in the plugin’s settings dashboard, leading to Reflected Cross-Site Scripting
plugins.trac.wordpress.org/changeset/2690415