EPSS
Percentile
27.7%
The plugin does not protect some of its actions against CSRF attacks, allowing an attacker to trick a logged in high privileged user to perform actions on their behalf by submitting a crafted request.