0.003 Low
EPSS
Percentile
66.3%
The plugin does not have any authorisation check when outputing a reset token, which could then be used to deactivate the plugin via another request