WordPress · Disable Comments · CVE-2014-2550
**Name of the Vulnerable Software and Affected Versions**
Disable Comments plugin versions prior to 1.0.4 for WordPress
**Description**
A cross-site request forgery (CSRF) vulnerability allows remote attackers to hijack the authentication of administrators for requests that enable comments, via a request for the "disable comments settings" page sent to "wp-admin/options-general.php".
**Recommendations**
Update the Disable Comments plugin to version 1.0.4 or later; all versions prior to 1.0.4 are affected.
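
To review whether requests of the kind described above reached a site before it was updated, the following added example (not part of the original advisory or the plugin's code) scans web server access logs for state-changing requests to "wp-admin/options-general.php" whose Referer is missing or points to another origin. It assumes the combined log format, a site hostname of `blog.example`, and that the settings form is submitted with POST; the log lines and the `PLUGIN_SETTINGS_SLUG` value are constructed placeholders.

```python
import re
from urllib.parse import urlsplit

SITE_HOST = "blog.example"                     # assumption: the site's own hostname
TARGET_PATH = "/wp-admin/options-general.php"  # path named in the advisory

# Combined log format: ip - user [ts] "METHOD URI PROTO" status bytes "referer" "agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" '
    r'\d{3} \S+ "(?P<referer>[^"]*)" "[^"]*"$'
)

def classify(line, site_host=SITE_HOST):
    """Return 'cross-origin', 'no-referer', or None (not flagged) for one log line."""
    m = LINE_RE.match(line)
    # Assumption: the settings form is submitted with POST, so only POSTs are checked.
    if not m or m["method"] != "POST" or urlsplit(m["uri"]).path != TARGET_PATH:
        return None
    referer = m["referer"]
    if referer in ("", "-"):
        return "no-referer"   # weaker signal: some browsers and proxies strip Referer
    host = (urlsplit(referer).hostname or "").lower()
    return None if host == site_host.lower() else "cross-origin"

def suspicious(lines, site_host=SITE_HOST):
    """Return (timestamp, client_ip, reason) for every flagged line."""
    hits = []
    for line in lines:
        reason = classify(line, site_host)
        if reason:
            m = LINE_RE.match(line)
            hits.append((m["ts"], m["ip"], reason))
    return hits

# Constructed sample log; PLUGIN_SETTINGS_SLUG is a placeholder, not the real page value.
_P = "/wp-admin/options-general.php?page=PLUGIN_SETTINGS_SLUG"
SAMPLE_LOG = [
    f'198.51.100.4 - - [01/Jan/2014:10:00:00 +0000] "POST {_P} HTTP/1.1" 200 512 "https://blog.example{_P}" "UA"',
    f'198.51.100.4 - - [01/Jan/2014:10:05:00 +0000] "POST {_P} HTTP/1.1" 200 512 "http://other.example/page.html" "UA"',
    f'198.51.100.4 - - [01/Jan/2014:10:06:00 +0000] "POST {_P} HTTP/1.1" 200 512 "-" "UA"',
    f'198.51.100.4 - - [01/Jan/2014:10:07:00 +0000] "GET {_P} HTTP/1.1" 200 512 "http://other.example/page.html" "UA"',
    '198.51.100.4 - - [01/Jan/2014:10:08:00 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 64 "http://other.example/" "UA"',
]

if __name__ == "__main__":
    for hit in suspicious(SAMPLE_LOG):
        print(hit)
```

A flagged line is a lead for review against the administrator's own activity and the site's comment settings, not proof of a forged request.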