CVE-2022-2123

Name of the Vulnerable Software and Affected Versions WP Opt-in WordPress plugin versions 1.4.1 and earlier

Description The issue allows for Cross-Site Request Forgery (CSRF) attacks, which can lead to changed plugin settings and potentially be used for sending spam emails. CSRF is a type of attack where an attacker tricks a user into performing unintended actions on a web application that the user is authenticated to.

Recommendations For WP Opt-in WordPress plugin versions 1.4.1 and earlier, update to a version later than 1.4.1 to resolve the issue. At the moment, there is no information about additional mitigation measures for this specific issue.