No CSRF Protection on Add new Fields. Can also Edit and Delete fields the same way.
1.Download csrf_wp-members.html 2.Change URL in html file.(FORM ACTION). 3.Submit Request. Video POC : https://drive.google.com/file/d/1TuJK0NjxznjTDmoJF5wbGu2vMA_XXikw/view?usp=sharing HTML_FILE : https://drive.google.com/file/d/131SkyhmXfOZeZV8ph6Y8QOaSVG3WxvdZ/view?usp=sharing