CVE-2022-0445
The CVE concerns the WordPress Real Cookie Banner plugin (before 2.14.2). The root cause is missing CSRF checks when resetting settings, which can allow a CSRF attacker to trigger a logged-in admin to reset the banner settings. The vulnerability affects the plugin’s settings reset flow and is doc...