CVE-2018-20971
CVE-2018-20971 affects the WordPress plugin “church-admin” prior to version 1.2550. The vulnerability is a Cross-Site Request Forgery (CSRF) that targets the upload of a bible reading plan. Public sources in the connected documents corroborate the issue as a CSRF in the plugin affecting uploads; ...