EPSS
Percentile
33.8%
“A subscriber could update the plugins settings via the URL or AJAX. The settings were not sanitized before saving to the database and not escaped before outputted on the front end.”
wordpress.org/plugins/universal-analytics/changelog/