EPSS
Percentile
99.0%
Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way.
github.com/WordPress/wordpress-develop/security/advisories/GHSA-6676-cqfm-gw84
hackerone.com/reports/1378209