EPSS
Percentile
32.3%
The plugin does not have CSRF checks in some places, for example when unsubscribing email subscribers and delete the plugin, which could allow attackers to make logged in admins perform such actions via CSRF attacks