The plugin did not check for CSRF nonce in its options page, allowing attacker to perform CSRF attacks against logged in users.
CSRF
SCA AppSec
No
2020-12-11 (about 2 years ago)
2020-12-12 (about 2 years ago)