0.001 Low
EPSS
Percentile
23.6%
The plugin does not use nonces to verify requests, making it vulnerable to Cross-Site Request Forgery (CSRF) attacks.
patchstack.com/database/vulnerability/wp-fb-autoconnect/wordpress-wp-social-autoconnect-plugin-4-6-1-cross-site-request-forgery-csrf-vulnerability