The plugin did not properly verify for CSRF nonces, allowing requests without them to bypass the checks in place. This could allow attackers to make logged in users perform unwanted actions.
Jerome Bruandet (NinTechNet)
Yes
2021-04-16 (about 1 years ago)
2021-04-16 (about 1 years ago)
2022-01-17 (about 1 years ago)