PT-2026-42064 · WordPress · Child Height Predictor
Ibnu +1 · Published 2026-05-20 · Updated 2026-05-28 · CVE-2026-6400
CVSS v3.1: 4.3 Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Child Height Predictor by Ostheimer versions prior to 1.4
Description
The plugin is vulnerable to Cross-Site Request Forgery (CSRF): an attacker causes a logged-in user's browser to submit a request the user did not intend. The cause is that the options() function, which handles plugin settings updates, performs no nonce verification. A nonce is a per-user, per-action token that proves a request originated from a form the site itself rendered. Specifically, the form template does not call wp_nonce_field(), and the handler calls neither check_admin_referer() nor wp_verify_nonce(). An unauthenticated attacker can therefore lure a logged-in site administrator into clicking a malicious link or visiting a page that auto-submits a forged POST request to the settings handler; the browser attaches the administrator's session cookies, and the attacker-chosen values, such as unit preferences, are saved to the database via update_option().
Recommendations
Update the plugin to version 1.4 or later.
As a temporary workaround, restrict the plugin settings page to trusted administrators until the update is applied. Note that this limits who can be targeted rather than preventing the attack: a CSRF request is submitted by the administrator's own browser with their own session, so an administrator who browses untrusted sites while logged in remains exposed until the plugin is updated.
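The following is an added illustration, not code from the Child Height Predictor plugin: a WordPress settings handler in the shape the description above gives (form without wp_nonce_field(), handler without check_admin_referer() or wp_verify_nonce(), raw POST value passed to update_option()), beside a hardened version of the same handler. The option name chp_unit, the nonce action chp_save_settings, the nonce field chp_nonce, the function names, the menu slug and the text domain are all assumptions chosen for the example.

```php
<?php
/**
 * Added example (not the plugin's code). All identifiers below are
 * assumptions: chp_unit, chp_save_settings, chp_nonce, chp-settings, 'chp'.
 */

// Vulnerable shape: the handler trusts any POST that reaches the admin page.
function chp_options_vulnerable() {
    if ( isset( $_POST['chp_unit'] ) ) {
        // No nonce, no capability check, no validation: a forged cross-site
        // POST carrying the administrator's cookies lands here and is saved.
        update_option( 'chp_unit', $_POST['chp_unit'] );
    }
    ?>
    <form method="post">
        <!-- No wp_nonce_field(): nothing in this request proves that the
             administrator actually submitted this form. -->
        <select name="chp_unit">
            <option value="cm" <?php selected( get_option( 'chp_unit', 'cm' ), 'cm' ); ?>>cm</option>
            <option value="in" <?php selected( get_option( 'chp_unit', 'cm' ), 'in' ); ?>>inches</option>
        </select>
        <?php submit_button(); ?>
    </form>
    <?php
}

// Hardened shape: nonce in the form, nonce and capability check in the
// handler, and the value restricted to a known set before it is stored.
function chp_options_hardened() {
    if ( isset( $_POST['chp_unit'] ) ) {
        // check_admin_referer() verifies the nonce bound to this action for
        // the current user and dies with an error page if it is missing or
        // invalid, so a forged cross-site POST never reaches update_option().
        check_admin_referer( 'chp_save_settings', 'chp_nonce' );

        // A nonce proves intent, not authorization: still check the capability.
        if ( ! current_user_can( 'manage_options' ) ) {
            wp_die( esc_html__( 'Insufficient permissions.', 'chp' ) );
        }

        // Accept only the values the form can legitimately produce.
        $unit = sanitize_text_field( wp_unslash( $_POST['chp_unit'] ) );
        if ( in_array( $unit, array( 'cm', 'in' ), true ) ) {
            update_option( 'chp_unit', $unit );
        }
    }
    $current = get_option( 'chp_unit', 'cm' );
    ?>
    <form method="post">
        <?php // Emits the hidden chp_nonce field (and a referer field). ?>
        <?php wp_nonce_field( 'chp_save_settings', 'chp_nonce' ); ?>
        <select name="chp_unit">
            <option value="cm" <?php selected( $current, 'cm' ); ?>>cm</option>
            <option value="in" <?php selected( $current, 'in' ); ?>>inches</option>
        </select>
        <?php submit_button(); ?>
    </form>
    <?php
}

// Register only the hardened page; the vulnerable function is kept for comparison.
add_action( 'admin_menu', function () {
    add_options_page(
        'Child Height Predictor',
        'Child Height Predictor',
        'manage_options',
        'chp-settings',
        'chp_options_hardened'
    );
} );
```

The nonce and the capability check answer different questions: the nonce shows the request came from a form WordPress rendered for this user, the capability shows the user is allowed to change settings; a handler needs both. Settings pages that post to options.php through the Settings API (register_setting() plus settings_fields()) get the nonce check from WordPress core; a custom handler like the one above has to perform it itself.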
Fix
CSRF
Affected Products
Child Height Predictor