EPSS
Percentile
19.4%
The plugin does not sanitise and escape some parameters available to users with a role as low as contributor, allowing them to perform Stored Cross-Site Scripting attacks