A medium-severity vulnerability, CVE-2024-13580, was detected in the XV Random Quotes plugin for WordPress, versions 1.40 and prior. It is a Cross-Site Request Forgery (CSRF) flaw: CSRF checks are missing when plugin settings are updated, which could enable an attacker to trick a logged-in admin into resetting the settings. Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-13580.
WordPress: CSRF Vulnerability in XV Random Quotes Plugin
by the Hossted team
11.03.2025
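
The class of flaw described above, shown as a settings-reset handler without and then with WordPress's nonce check. This is an added example, not code from the advisory or from the XV Random Quotes plugin; every demo_quotes_* name, the option name and the admin page slug are hypothetical.

```php
<?php
// Added illustration for a WordPress plugin; all demo_quotes_* names are
// hypothetical and are not taken from XV Random Quotes.

// BEFORE: the handler checks the user's capability but not the request's origin.
// The admin's browser attaches the session cookie to any request it sends,
// so a request triggered from another site passes this check.
function demo_quotes_reset_settings_unsafe() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Forbidden', '', array( 'response' => 403 ) );
    }
    if ( isset( $_POST['demo_quotes_reset'] ) ) {
        delete_option( 'demo_quotes_settings' ); // back to defaults
    }
}

// AFTER: the same action, bound to a nonce tied to the user, session and action.
function demo_quotes_reset_settings() {
    if ( 'POST' !== $_SERVER['REQUEST_METHOD'] || ! isset( $_POST['demo_quotes_reset'] ) ) {
        return; // not a reset request
    }
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Forbidden', '', array( 'response' => 403 ) );
    }
    // Terminates the request unless $_POST['demo_quotes_nonce'] holds a valid
    // nonce for the 'demo_quotes_reset' action.
    check_admin_referer( 'demo_quotes_reset', 'demo_quotes_nonce' );

    delete_option( 'demo_quotes_settings' );
    wp_safe_redirect( admin_url( 'options-general.php?page=demo-quotes&reset=1' ) );
    exit;
}
add_action( 'admin_init', 'demo_quotes_reset_settings' );

// The settings page must emit the matching hidden nonce field.
function demo_quotes_render_reset_form() {
    ?>
    <form method="post">
        <?php wp_nonce_field( 'demo_quotes_reset', 'demo_quotes_nonce' ); ?>
        <input type="hidden" name="demo_quotes_reset" value="1">
        <?php submit_button( 'Reset settings' ); ?>
    </form>
    <?php
}
```

When auditing other installed plugins, a handler that changes options after only a current_user_can() call, with no check_admin_referer() or wp_verify_nonce() before the write, matches the "before" pattern.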