CVE Watch

Monitoring new CVE for your stack in your software or environment never easier. No need to setup cronjob to check latest CVE, we do it for you. Get notified in hour unit for new CVE using email or webhook. CVE Watch will help you to be always updated for new CVE of your software/library catalogue.

CVE-2022-4309

Vendor: subscribe2 project

Product: subscribe2

Published Date: 2023-01-16 16:15:00

Last Modified Data: 2023-01-24 19:32:00

The Subscribe2 WordPress plugin before 10.38 does not have CSRF check when deleting users, which could allow attackers to make a logged in admin delete arbitrary users by knowing their email via a CSRF attack.

Copyright © 2022 CVE Watch

DISCLAIMER:

This site is created by @aryya_id by processing data from National Vulnerability Database (NVD). You are free to use this site for your use case by understanding that there is no guaantee or warranty for data shown in this site. You are understand that content from this website is "as it is" and usage of data or material from this website is solely your reponsibility.