EPSS
Percentile
31.8%
The plugin is vulnerable to Cross-Site Request Forgery via the FPD_Admin_Import class that makes it possible for attackers to upload malicious files that could be used to gain webshell access to a server via a CSRF attack
www.wordfence.com/vulnerability-advisories/#CVE-2021-4096