EPSS
Percentile
31.3%
The plugin does not have authorisation and CSRF checks when updating its Opt-In and Opt-Out tracking settings, which could allow any unauthenticated users to update them