EPSS
Percentile
41.3%
The plugin does not have CSRF check when processing bulk actions, which could allow attackers to make logged in admin delete arbitrary forms for example
plugins.trac.wordpress.org/changeset/2628499