CVE-2022-2144

Name of the Vulnerable Software and Affected Versions Jquery Validation For Contact Form 7 WordPress plugin versions prior to 5.3

Description The issue is related to the lack of a CSRF check when updating the plugin's settings. This could allow attackers to make a logged-in admin change blog options, such as default role and users can register, via a CSRF attack.

Recommendations For versions prior to 5.3, update to version 5.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the settings update functionality to minimize the risk of exploitation.