EPSS
Percentile
21.6%
The plugin does not have CSRF check in place which could allow an attacker to make a logged in admin reset the data of post/page/media