EPSS
Percentile
20.8%
The plugin does not have CSRF in place when deleting reviews, w which could allow attackers to make a logged in admin delete them via a CSRF attack