CVE-2022-3427
CVE-2022-3427 affects the Corner Ad plugin for WordPress up to version 1.0.56. The root cause is missing or incorrect nonce validation on the corner_ad_settings_page function, enabling Cross-Site Request Forgery. This allows unauthenticated attackers to trigger deletion of ads via forged requests...