CVE-2022-1763

Name of the Vulnerable Software and Affected Versions Static Page eXtended WordPress plugin versions prior to 2.1

Description The issue is related to missing checks, allowing CSRF attacks that can change plugin settings, including required user levels for specific features. This could also lead to Stored Cross-Site Scripting due to the lack of escaping in some of the settings.

Recommendations For versions prior to 2.1, update to version 2.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin settings to minimize the risk of exploitation.