Description
WordPress Plugin Stockists Manager for Woocommerce is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin Stockists Manager for Woocommerce version 1.0.2.1 is vulnerable; prior versions may also be affected.
Remediation
Edit the source code to ensure that CSRF protection is implemented with Nonce-like mechanism or disable the plugin until a fix is available
References
https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2518
https://wordpress.org/plugins/stockists-manager/#description
Related Vulnerabilities
WordPress Plugin PowerPress Podcasting by Blubrry Arbitrary File Upload (8.3.7)
WordPress Plugin Share, Print and PDF Products for WooCommerce Security Bypass (2.7.2)
WordPress Plugin Inline Gallery 'do' Parameter Cross-Site Scripting (0.3.9)