EPSS
Percentile
20.8%
The plugin does not have CSRF in place when sending messages, allowing attackers user sent arbitrary message on their behalf via a CSRF attack