CVE-2022-1591

Name of the Vulnerable Software and Affected Versions WordPress Ping Optimizer versions prior to 2.35.1.3.0

Description The issue is related to the lack of a CSRF check when updating settings in the WordPress Ping Optimizer plugin. This could allow attackers to make a logged-in admin change settings via a CSRF attack.

Recommendations For versions prior to 2.35.1.3.0, update to version 2.35.1.3.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the settings update functionality to minimize the risk of exploitation.