0.008 Low
EPSS
Percentile
82.2%
Lack of CSRF checks could allow attackers to make a logged in admin create XSS payloads.
zeroauth.ltd/blog/2019/07/17/cve-2019-12934-wp-code-highlightjs-wordpress-plugin-csrf-leads-to-blog-wide-injected-script-html/