2 matches found
CVE-2022-27629
Cross-site request forgery CSRF vulnerability in 'MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership' versions prior to 1.9.6 allows a remote unauthenticated attacker to hijack the authentication of an administrator and perform unintended operation via unspecified vectors...
CVE-2022-27629
The CVE concerns WordPress plugin “MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership” with vulnerable versions prior to 1.9.6. A Cross‑Site Request Forgery (CSRF) vulnerability could allow a remote attacker, if a logged‑in admin visits a malicious page, to hijack the admin...