WordPress WP Content Copy Protection & No Right Click plugin <= 3.4.4 - Cross-Site Request Forgery (CSRF) leads to Settings Update vulnerability
Vulnerable versions
<= 3.4.4
PSID
09db7689a741
Classification
Cross Site Request Forgery (CSRF)
OWASP Top 10
A8: Cross Site Request Forgery (CSRF)
Required privilege
Publicly disclosed
2022-02-16
Patchstack vPatch available since
09.12.2021
Details
Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress WP Content Copy Protection & No Right Click plugin (versions <= 3.4.4) by Muhammad Daffa.
Solution
Update the WordPress WP Content Copy Protection & No Right Click plugin to the latest available version (at least 3.4.5).
References
CVE-2022-23983
Plugin changelog