EPSS
Percentile
19.5%
The plugin does not ensure that the wallet to lock/unlock belongs to the user making the request, allowing any authenticated users, such as subscriber to lock/unlock arbitrary wallets via an IDOR attack