AI Score: 6.3 Medium (Confidence: High)
EPSS: 0.0004 Low (Percentile: 9.1%)
Description: The plugin does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks.
Make a logged-in admin open an HTML file containing (where <> is a valid ID):
<>