EPSS
Percentile
31.8%
The plugin does not escape the json parameter before outputting it back in an attribute in the Import admin dashboard, leading to a Reflected Cross-Site Scripting
plugins.trac.wordpress.org/changeset/2659032