0.0005 Low
EPSS
Percentile
17.4%
The plugin does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against visitors following crafted links.