The plugin does not have proper Cross-Site Request Forgery (CSRF) check in some places, which could allow attackers to make logged in admins perform unwanted actions via Cross-Site Request Forgery (CSRF) attacks.
Download Plugin by metagauss <= 2.0.4 - CSRF
LANACOMMONVDB ID: 6e8878ba-2a3b-495f-b3a1-a881c75bc405