CVE-2022-0681
EUVD-2022-1576621.03.2022, 19:15
The Simple Membership WordPress plugin before 4.1.0 does not have CSRF check in place when deleting Transactions, which could allow attackers to make a logged in admin delete arbitrary transactions via a CSRF attack
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| simple-membership-plugin | simple_membership | 𝑥 < 4.1.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration