The plugin does not have proper Cross-Site Request Forgery (CSRF) check in some places, for example when importing shortcodes, which could allow attackers to make logged in admins perform unwanted actions via Cross-Site Request Forgery (CSRF) attacks.
WP Tabs by ShapedPlugin <= 2.1.14 - CSRF
LANACOMMONVDB ID: 13620bca-04b7-4982-bcf6-4a9f17bd5ae1