AI Score
Confidence
High
Description The plugin does not have authorisation in various AJAX actions, allowing any authenticated users, such as subscriber to call them and modify/access theme and CSS data for example. It could also lead to Stored XSS issues.