CVE-2023-7269

Name of the Vulnerable Software and Affected Versions ArtPlacer Widget WordPress plugin versions prior to 2.21.2

Description The issue concerns a lack of CSRF check in some areas and missing sanitization as well as escaping. This could allow attackers to make logged-in admins add Stored XSS payloads via a CSRF attack.

Recommendations For versions prior to 2.21.2, update to version 2.21.2 or later to resolve the issue. As a temporary workaround, consider restricting access to areas where the CSRF check is missing and ensure proper sanitization and escaping of user input to minimize the risk of exploitation.