EPSS
Percentile
72.8%
The lack of CSRF checks could allow attackers to make a logged administrator change some of the pluginβs settings.
plugins.trac.wordpress.org/changeset/2445009