0.001 Low
EPSS
Percentile
39.6%
The plugin does not have CSRF check when updating its settings, which could allow attackers to make logged in admin change them via a CSRF attack