EPSS
Percentile
24.8%
The create_post_page AJAX action of the plugin (available to authenticated user) does not sanitise or escape user input before outputting it back in the response, leading to a Reflected Cross-Site issue