0.001 Low
EPSS
Percentile
42.1%
An attacker could exploit this issue by convincing a user to click a specially crafted URL, which will send emails from the affected user’s WordPress email account.
https://github.com/tenable/poc/blob/master/WordPress/plugins/Icegram/email_subscribers_and_newsletters/csrf_poc.html
www.tenable.com/security/research/tra-2020-44-0