A Cross Site Request Forgery (CSRF) vulnerability to Cross Site Scripting (XSS) was discovered in the WordPress Button Widget Smartsoft plugin (version <= 1.0.1).
Deactivate and remove. This plugin is closed as of June 8, 2022 and is not available for download.
Button Widget Smartsoft