Redwallhp

**Name of the Vulnerable Software and Affected Versions** WP125 plugin versions prior to 1.5.0 **Description** A cross-site request forgery (CSRF) issue exists in the Add/Edit page, specifically in the adminmenus.php file. This allows remote attackers to hijack the authentication of administrators for requests that add or edit an ad. **Recommendations** For WP125 plugin versions prior to 1.5.0, update to version 1.5.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the adminmenus.php file to minimize the risk of exploitation.