CVE-2020-35135
Description
The ultimate-category-excluder plugin before 1.2 for WordPress allows ultimate-category-excluder.php CSRF.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
- Range: <1.2
Patches
Vulnerability mechanics
Root cause
"The plugin is vulnerable to Cross-Site Request Forgery (CSRF) because it lacks proper validation for user actions."
Attack vector
An attacker can exploit this vulnerability by tricking a logged-in administrator into visiting a crafted page or link that submits a request to `ultimate-category-excluder.php`, changing the plugin's settings without the administrator's knowledge or consent. The browser attaches the administrator's session cookies to that request automatically, so the plugin's capability check alone does not stop it. The vulnerability exists because the plugin does not verify that the request originated from its own settings form in the WordPress admin interface (WordPress provides nonces for exactly this purpose) [ref_id=1].
Affected code
The vulnerability resides within the `ultimate-category-excluder.php` file of the Ultimate Category Excluder WordPress plugin. Specifically, the plugin's handling of administrative actions related to category exclusion settings is susceptible to CSRF attacks [ref_id=1].
What the fix does
Version 1.2 of the Ultimate Category Excluder plugin addressed a minor vulnerability reported by SCA AppSec of Checkmarx [ref_id=1]. While the exact nature of the fix is not detailed in the provided changelog, it is implied that the update includes measures to prevent unauthorized modifications to the plugin's category exclusion settings. Users are advised to review their settings to ensure they are configured as expected after updating to version 1.2 or later [ref_id=1].
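The pattern described above, as an added example rather than the plugin's own code: a WordPress settings handler that trusts any POST from a logged-in administrator, beside the same handler bound to a WordPress nonce. The option name `uce_example_exclude`, the nonce action `uce_example_save` and the field name `_uce_nonce` are assumptions chosen for illustration; the core functions (`current_user_can`, `check_admin_referer`, `wp_nonce_field`, `update_option`, `add_action`) are real WordPress APIs. The attacker page in the trailing comment is constructed.

```php
<?php
// Added example, not code from the Ultimate Category Excluder plugin.
// Assumptions: option name 'uce_example_exclude', nonce action
// 'uce_example_save', nonce field '_uce_nonce'. Runs inside WordPress.

/*
 * Vulnerable pattern. current_user_can() only confirms that *some*
 * administrator is logged in; it says nothing about where the request
 * came from. A page the attacker controls can POST to /wp-admin/ and the
 * victim's browser sends the auth cookies with it.
 */
function uce_example_save_vulnerable() {
    if ( ! isset( $_POST['uce_save'] ) ) {
        return;
    }
    if ( ! current_user_can( 'manage_options' ) ) {
        return;
    }
    // Attacker-chosen category IDs are stored with no origin check.
    $exclude = isset( $_POST['uce_exclude'] ) ? (array) $_POST['uce_exclude'] : array();
    update_option( 'uce_example_exclude', array_map( 'absint', $exclude ) );
}

/*
 * Hardened pattern. check_admin_referer() verifies the nonce submitted in
 * $_POST['_uce_nonce'] against the action 'uce_example_save' and calls
 * wp_die() if it is missing or invalid, so nothing below it runs for a
 * forged request. The nonce is tied to the logged-in user and expires,
 * so a cross-site page can neither read nor guess it.
 */
function uce_example_save_hardened() {
    if ( ! isset( $_POST['uce_save'] ) ) {
        return;
    }
    if ( 'POST' !== $_SERVER['REQUEST_METHOD'] ) {
        return; // state changes only via POST; a plain link cannot trigger this
    }
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient privileges' );
    }
    check_admin_referer( 'uce_example_save', '_uce_nonce' );

    $exclude = isset( $_POST['uce_exclude'] ) ? (array) $_POST['uce_exclude'] : array();
    update_option( 'uce_example_exclude', array_map( 'absint', $exclude ) );
}

// The settings form must emit the matching nonce field, otherwise the
// hardened handler rejects the plugin's own legitimate submissions too.
function uce_example_render_form() {
    echo '<form method="post">';
    wp_nonce_field( 'uce_example_save', '_uce_nonce' );
    echo '<input type="checkbox" name="uce_exclude[]" value="3"> Exclude category 3<br>';
    echo '<input type="submit" name="uce_save" value="Save">';
    echo '</form>';
}

// admin_init fires on every wp-admin page load, so the handler sees any
// POST to /wp-admin/ regardless of which admin page is targeted.
add_action( 'admin_init', 'uce_example_save_hardened' );

/*
 * Constructed attacker page (HTML, shown for reference). An administrator
 * who loads it while logged in has their settings changed by the
 * vulnerable handler; the hardened handler dies at check_admin_referer()
 * because the attacker cannot supply a valid _uce_nonce.
 *
 * <form id="f" method="post" action="https://victim.example/wp-admin/">
 *   <input type="hidden" name="uce_save" value="1">
 *   <input type="hidden" name="uce_exclude[]" value="3">
 * </form>
 * <script>document.getElementById('f').submit();</script>
 */
```

The nonce check must sit in the handler, not only in the form: the form is what a legitimate user sees, while the handler is what the forged request reaches. Do not rely on browser SameSite cookie defaults in place of the check; they vary by browser and by how the auth cookie was set.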
Preconditions
- auth: The target user must be logged in as an administrator with privileges to modify plugin settings.
- input: The attacker needs to craft a malicious page or URL that, when visited by the administrator, triggers the CSRF vulnerability.
Generated on Jun 4, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- advisory.checkmarx.net/advisory/CX-2020-4294
- plugins.trac.wordpress.org/changeset/2434070
- wordpress.org/plugins/ultimate-category-excluder/