CVE-2022-1611

Name of the Vulnerable Software and Affected Versions Bulk Page Creator WordPress plugin versions prior to 1.1.4

Description The issue concerns the lack of nonce checks for page creation functionalities, making them susceptible to Cross-Site Request Forgery (CSRF) attacks. CSRF is a type of attack where an attacker tricks a user into performing unintended actions on a web application that the user is authenticated to. In this context, it means an attacker could potentially create pages without the user's knowledge or consent.

Recommendations For versions prior to 1.1.4, update to version 1.1.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the page creation functionalities until the update can be applied.