CVE-2022-2435
The CVE-2022-2435 issue affects the AnyMind Widget plugin for WordPress (versions up to and including 1.1). The root cause is missing nonce protection on the createDOMStructure() function in ~/anymind-widget-id.php, enabling Cross-Site Request Forgery. Unauthenticated attackers could coerce an ad...