CVE-2025-13413

Name of the Vulnerable Software and Affected Versions Country Blocker for AdSense plugin for WordPress versions prior to 1.1

Description The software is susceptible to Cross-Site Request Forgery (CSRF) due to the absence of nonce validation in the CBFA guardar cbfa() function. This allows unauthenticated attackers to modify the plugin’s settings by deceiving a site administrator into performing an action, such as clicking a malicious link.

Recommendations Update to version 1.1 or later.