0.001 Low
EPSS
Percentile
47.5%
The plugin does not have CSRF checks in their AJAX actions, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks