0.001 Low
EPSS
Percentile
26.3%
The plugin does not have authorisation check when activating plugins via an action hooked to init(), which could allow unauthenticated attackers to deactivate arbitrary plugins from the blog