CVE-2024-8044

Name of the Vulnerable Software and Affected Versions: infolinks Ad Wrap WordPress plugin versions 1.0.0 through 1.0.2

Description: The issue is related to the lack of CSRF protection when updating settings in the infolinks Ad Wrap WordPress plugin. This could allow attackers to make a logged-in admin change settings via a CSRF attack.

Recommendations: For versions 1.0.0 through 1.0.2, as a temporary workaround, consider disabling the settings update functionality until a patch is available. Restrict access to the plugin's settings to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.