Hello @walterbe,
Thank you for reaching out with your concern regarding the “WordPress Simple Share Buttons Adder” plugin.
We understand the importance of maintaining the security and integrity of your website. The alert you received from Plesk about the Cross Site Request Forgery (CSRF) vulnerability in version 8.5.0 of the Simple Share Buttons Adder plugin is legitimate. This vulnerability was indeed discovered and reported by Muhammad Daffa (Patchstack Alliance) and has been documented by Wordfence.
Given the potential risk associated with this vulnerability, we strongly recommend updating the plugin to the latest version if an update is available. If no update is available or you prefer to ensure maximum security, deactivating the plugin would be the safest course of action until a patch is released.
To address this issue, you can:
- Check for Updates: Ensure you are using the latest version of the plugin. Plugin developers often release patches to address such vulnerabilities.
- Consider Alternatives: If an update is not available, you might want to consider using an alternative plugin with similar functionality that is actively maintained and secure.
- Deactivate the Plugin: As a precaution, you can deactivate the Simple Share Buttons Adder plugin until a secure version is released.
We apologize for any inconvenience this may cause and appreciate your understanding as we work to ensure the security of your website. If you have any further questions or need assistance with finding an alternative plugin, please feel free to reach out.
Best regards,
ShareThis Support Team
