6.2 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
14.1%
Description The plugin does not sanitise and escape the order status parameter, which could allow users with a role of Admin to perform Cross-Site Scripting attacks