6.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
30.9%
Description The plugin does not have CSRF check in the addedit feature, which could allow attackers to make logged in admins upload arbitrary files via a CSRF attack