Filter & Grids <= 2.8.33 is vulnerable to Broken Authentication vulnerability

The Filter & Grids plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.33. This is due to missing or incorrect nonce validation on the ymc_updated_posts function. This makes it possible for unauthenticated attackers to trigger a request to fetch updated posts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.