CVE-2022-38077

Name of the Vulnerable Software and Affected Versions WP OnlineSupport, Essential Plugin Popup Anything – A Marketing Popup and Lead Generation Conversions plugin versions <= 2.2.1

Description The issue is a Cross-Site Request Forgery (CSRF) vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the user is authenticated to.

Recommendations For WP OnlineSupport, Essential Plugin Popup Anything – A Marketing Popup and Lead Generation Conversions plugin versions <= 2.2.1, update to a version higher than 2.2.1 to resolve the issue.