The church-admin plugin before 1.2550 for WordPress has CSRF affecting the upload of a bible reading plan.
8.8CVSS
8.7AI Score
0.001EPSS
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Andy Moyle Church Admin plugin <= 3.7.5 versions.
7.1CVSS
5.9AI Score
0.0005EPSS