WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Social Share Buttons by Supsystic plugin versions prior to 2.2.4 are vulnerable to cross-site request forgery, which stems from a failure to perform CSRF checks on its ajax endpoint and administration pages. An attacker could use this vulnerability to trick any logged-in user into manipulating or changing plugin settings, as well as creating, deleting, and renaming items and networks.