Lucene search
China National Vulnerability DatabaseCNVD-2022-18850HistoryMar 02, 2022 - 12:00 a.m.
WordPress Simple Membership plugin跨站请求伪造漏洞
2022-03-0200:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
wordpress
simple membership
csrf
vulnerability
php
cross-site request forgery
plugin
bulk deletion
attack
EPSS
0.001
Percentile
30.0%
WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. A cross-site request forgery vulnerability exists in versions of the WordPress Simple Membership plugin prior to 4.0.9. The vulnerability stems from the fact that the Simple Membership plugin does not have CSRF checks when deleting members in bulk, and an attacker could exploit this vulnerability to by launching a CSRF attack.
Related
nvd
nvd
CVE-2022-0328
2022-02-28 09:15:08
patchstack
patchstack
wpvulndb
wpvulndb
Simple Membership < 4.0.9 - Arbitrary Member Deletion via CSRF
2022-01-25 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-02-28 09:15:00
wpexploit
wpexploit
Simple Membership < 4.0.9 - Arbitrary Member Deletion via CSRF
2022-01-25 00:00:00
cve
cve
CVE-2022-0328
2022-02-28 09:15:08
cvelist
cvelist
CVE-2022-0328 Simple Membership < 4.0.9 - Arbitrary Member Deletion via CSRF
2022-02-28 09:06:45