CVE-2022-45847

Name of the Vulnerable Software and Affected Versions WordPress Countdown Widget versions 3.1.9.1 and earlier

Description The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability that also allows Cross-Site Scripting (XSS). This means an attacker could potentially trick a user into performing unintended actions on a web application, and also inject malicious scripts into the website.

Recommendations For WordPress Countdown Widget versions 3.1.9.1 and earlier, update to a version later than 3.1.9.1 to resolve the issue. As a temporary workaround, consider restricting access to the WordPress Countdown Widget until a patch is available.