EPSS
Percentile
64.7%
The plugin does not have authorisation in various actions, which could allow users with a role as low as subscriber to call them and perform unauthorised actions