0.001 Low
EPSS
Percentile
39.2%
The plugin does not have authorisation and CSRF checks when updating its settings, which could allow unauthenticated attackers to change them.