0.0004 Low
EPSS
Percentile
10.6%
The plugin does not validate a parameter before using it in an include statement, allowing any authenticated users, such as subscriber to perform LFI attacks