0.004 Low
EPSS
Percentile
73.0%
The plugin lacks proper authorization on the file upload feature, making it possible for authenticated users, who belong to specific roles defined by the administrator, to upload arbitrary files.