0.001 Low
EPSS
Percentile
39.8%
The plugin does properly check for the access token in its REST API endpoints, which could allow unauthenticated attackers to call them and delete arbitrary files