CVE-2022-2245

Name of the Vulnerable Software and Affected Versions The Counter Box WordPress plugin versions prior to 1.2.1

Description The issue is related to a lack of CSRF check when activating and deactivating counters. This could allow attackers to make a logged-in admin perform such actions via CSRF attacks.

Recommendations For versions prior to 1.2.1, update to version 1.2.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the counter activation and deactivation features to minimize the risk of exploitation.