CVE-2022-2540 Link Optimizer Lite <= 1.4.5 - Cross-Site Request Forgery to Cross-Site Scripting

The Link Optimizer Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 1.4.5. This is due to missing nonce validation on the adminpage function found in the /admin.php file. This makes it possible for unauthenticated...