EPSS
Percentile
26.2%
The plugin does not have any authorisation in place when updating its settings, allowing unauthenticated attackers to do so