A popular WordPress plugin called “Simple Giveaways” has a security issue that allows hackers to trick site administrators into performing unauthorized actions. This vulnerability affects all versions of the plugin up to 2.48.2. It is caused by an error in the validation process, which means that attackers who are not logged in can gain access to the site by tricking an administrator into clicking a harmful link.