CVE-2022-3097
CVE-2022-3097 affects the WordPress plugin LBstopattack, specifically versions prior to 1.1.3. The root cause is that the plugin does not use nonces when saving its settings, enabling CSRF attacks that could disable the plugin’s protections. The vulnerability is documented across multiple sources...