0.001 Low
EPSS
Percentile
49.8%
The plugin does not properly implement capability checks on the permalink_setup function, leading to unauthorized permalink structure updates.
www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/metform/metform-elementor-contact-form-builder-330-missing-authorization