Description
This script is possibly vulnerable to Cross Frame Scripting (XFS) attacks.
This is an attack technique used to trick a user into thinking that fake web site content is legitimate data.
Remediation
Your script should filter metacharacters from user input.
References
Related Vulnerabilities
WordPress Plugin TableOn-WordPress Posts Table Filterable Cross-Site Scripting (1.0.0)
WordPress Plugin WP-Live Chat by 3CX Multiple Vulnerabilities (4.3.5)
WordPress Plugin Flight Search Widget and Blocks Cross-Site Scripting (1.1.0)
WordPress Plugin Advanced Custom Fields:Table Field Cross-Site Scripting (1.1.12)
WordPress 4.5.x Same Origin Method Execution (SOME) Vulnerability (4.5 - 4.5.1)