Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2022-0681

Disclosure Date: March 21, 2022 (last updated February 23, 2025)
The Simple Membership WordPress plugin before 4.1.0 does not have CSRF check in place when deleting Transactions, which could allow attackers to make a logged in admin delete arbitrary transactions via a CSRF attack
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0