EPSS
Percentile
55.6%
The plugin does not have CSRF checks when managing its folder structure (such as moving, deleting, creating etc folders), which could allow attackers to make logged admins perform such actions via CSRF attacks