The Integrate Google Drive plugin for WordPress has a security vulnerability in versions up to and including 1.3.4. An attacker can use this vulnerability to perform an unauthorized action on the website, such as clicking a link, by tricking a site administrator into clicking it. This is possible because the plugin is not validating a code called a nonce correctly.