EPSS
Percentile
31.3%
The plugin does not have any authorisation in some of its REST route, which could allow unauthenticated users to delete, create and update arbitrary post