EPSS
Percentile
28.1%
The plugin does not properly validate requests use nonces, leading to a Cross-Site Request Forgery (CSRF) vulnerability.
patchstack.com/database/vulnerability/comment-reply-notification/wordpress-comment-reply-notification-plugin-1-4-cross-site-request-forgery-csrf-vulnerability