CVE-2023-7174

Name of the Vulnerable Software and Affected Versions: aBitGone CommentSafe WordPress plugin versions 1.0.0 and earlier

Description: The issue concerns the lack of CSRF checks in certain areas and missing sanitization as well as escaping. This could allow attackers to make logged-in admins add Stored XSS payloads via a CSRF attack.

Recommendations: For versions 1.0.0 and earlier, update to a version that includes proper CSRF checks and sanitization to prevent exploitation. As a temporary workaround, consider restricting access to sensitive areas of the plugin to minimize the risk of CSRF attacks.