EPSS
Percentile
45.1%
The plugin does not properly sanitize input and escape output in admin settings, leading to Stored Cross-Site Scripting vulnerabilities. This issue affects multi-site installations and installations with disabled unfiltered_html.