CVE-2024-11719

Name of the Vulnerable Software and Affected Versions: tarteaucitron-wp WordPress plugin versions prior to 0.3.0

Description: The issue concerns a lack of CSRF check in some areas and missing sanitization as well as escaping. This could allow attackers to make logged-in admins add Stored XSS payloads via a CSRF attack.

Recommendations: For versions prior to 0.3.0, update to version 0.3.0 or later to resolve the issue. As a temporary workaround, consider restricting access to areas where CSRF attacks could be initiated until a patch is applied.