WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress WP-chgFontSize plugin version 1.8 and earlier versions are vulnerable to cross-site request forgery, which stems from a failure to perform cross-site request forgery checks when updating its settings. An attacker could use this vulnerability to change the login administrator configuration via a CSRF attack.