WordPress Button Widget Smartsoft plugin” (versions <= 1.0.1) Cross-site request forgery (CSRF) vulnerability against cross-site scripting (XSS)

Details

A Cross Site Request Forgery (CSRF) vulnerability to Cross Site Scripting (XSS) was discovered in the WordPress Button Widget Smartsoft plugin (version <= 1.0.1).

solution

Deactivate and remove. This plugin is closed as of June 8, 2022 and is not available for download.

Sources.

Button Widget Smartsoft

脆弱性情報を受け取る