WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Subscribe To Comments Reloaded plugin 211130 and earlier versions are vulnerable to cross-site request spoofing. An attacker can use this vulnerability to spoof malicious requests to trick victims into clicking to perform sensitive actions, such as cleaning up log archives, downloading system information files, plugin system settings, plugin options settings, generating new keys, etc.