The plugins have either flawed CSRF checks or are missing them completely in numerous places, allowing attackers to make logged in users perform unwanted actions via CSRF attacks
2023-01-02 (about 8 months ago)
2023-01-02 (about 8 months ago)
2023-01-02 (about 8 months ago)