CVE-2022-4309
Vulnerability summary (CVE-2022-4309) : The Subscribe2 WordPress plugin (versions before 10.38) is affected by a CSRF weakness in user-deletion functionality. The underlying issue is the absence of a CSRF check when deleting users, which could allow a logged-in admin to delete arbitrary users by ...