EPSS
Percentile
26.3%
The plugin does not verify the CSRF nonce when removing posts, allowing attackers to make a logged in admin remove arbitrary posts from the blog via a CSRF attack, which will be put in the trash
https://example.com/wp-admin/edit.php?post_type=easy-pricing-table&page;=ept3-list&action;=trash&post;=1