0.001 Low
EPSS
Percentile
32.0%
The plugin does not have CSRF check when updating the API key, which could allow attackers to make logged admins update it via a CSRF attack