EPSS
Percentile
41.7%
The plugin does not have authorisation checks in various functions, which could allow unauthenticated users to retrieve arbitrary metadata, including the plugin’s token used in other actions like when creating a post