0.001 Low
EPSS
Percentile
40.2%
The plugin does not sanitise and escape a parameter before outputting back in an admin page, leading to a Reflected Cross-Site Scripting
http://example.com/wp-admin/admin.php?page=wp-athletics-print-rankings&print;=true&period;=all&type;=all&age;=all&event;=1&gender;=<%2Fscript><script>alert(1)%3B<%2Fscript>