Description
WordPress Plugin Social Rocket-Social Sharing is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin Social Rocket-Social Sharing version 1.2.9 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.2.10 or latest
References
https://jvn.jp/en/jp/JVN05502028/index.html
https://plugins.svn.wordpress.org/social-rocket/trunk/readme.txt
Related Vulnerabilities
WordPress Plugin Protected Posts Logout Button Cross-Site Request Forgery (1.4.4)
WordPress Plugin ShareThis Dashboard for Google Analytics Cross-Site Scripting (2.5.1)
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-48293)
Nginx Use After Free Vulnerability (CVE-2022-31307)
Drupal Core 5.x Multiple Security Bypass Vulnerabilities (5.0 - 5.22)