EPSS
Percentile
26.2%
The plugin does not have authorisation check when updating its settings, which could allow any authenticated users, such as subscriber to update them
www.wordfence.com/blog/2022/11/missing-authorization-vulnerability-in-blog2social-plugin/