The plugin does not have proper Cross-Site Request Forgery (CSRF) check in some places, which could allow attackers to make logged in admins perform unwanted actions via Cross-Site Request Forgery (CSRF) attacks.
Download Theme by metagauss <= 1.0.9 - CSRF
LANACOMMONVDB ID: c43dcebb-8902-48a9-8e38-aae89bb4a9e6