EPSS
Percentile
32.3%
The plugin does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as delete arbitrary blocked IPs) via CSRF attacks