CVE-2022-0199
CVE-2022-0199 concerns the WordPress plugin Coming soon and Maintenance mode (pre-3.6.8). The vulnerability is a CSRF flaw in the coming_soon_send_mail AJAX action, which allows a logged-in admin to cause the site to send arbitrary emails to all subscribed users. Affected versions are prior to 3....