Multiple actions were lacking CSRF checks, and could allow attackers to change the plugin's settings via CSRF attacks
CSRF
No
2019-05-26 (about 3 years ago)
2019-06-12 (about 3 years ago)
2020-09-11 (about 2 years ago)