0.001 Low
EPSS
Percentile
21.2%
The plugin does not escape the nd_cc_meta_box_cc_price_icon parameter (related to a post meta), which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks