AI Score
Confidence
High
EPSS
Percentile
23.8%
Description The plugin does not have CSRF check in its wpp_save_settings() function, and does not validate the menu parameter, allowing attackers to make logged in users admins perform LFI attacks via CSRF