EPSS
Percentile
40.2%
The plugin does not sanitise and escape a parameter before outputting it back in the response, leading to a Reflected cross-Site Scripting