CVE-2022-0681 - Simple-membership-plugin Simple Membership

Moderate 6.5

The Simple Membership WordPress plugin before 4.1.0 does not have CSRF check in place when deleting Transactions, which could allow attackers to make a logged in admin delete arbitrary transactions via a CSRF attack

Affected software

Simple-membership-plugin Simple Membership

Reference links

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.