Cybersecurity experts have discovered vulnerabilities in three plugins for the WordPress engine. In total, these problems threaten more than 83 thousand websites and can be used to gain complete control over the attacked resources.

One of the vulnerabilities, assigned the CVE-2022-0215 identifier, is the CSRF (cross-site request forgery) flaw. This flaw is rated 8.8 on the CVSS scale and impacts three plugins: Login/Signup Popup, Side Cart Woocommerce, Waitlist Woocommerce.

The developers of the affected plugins have already released the relevant updates, thus site owners and administrators only need to install them.

Source: anti-malware.ru