0.001 Low
EPSS
Percentile
43.5%
The plugin does not verify for CSRF before doing various actions such as deleting Custom URLs, which could allow attackers to make a logged in admin perform such actions via CSRF attacks