Security Advisory

CVE-2022-4266

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-12-26 12:28:14

Last updated 2025-04-14 13:46:38

Assigner WPScan

State PUBLISHED

Description

The Bulk Delete Users by Email WordPress plugin through 1.2 does not have CSRF check when deleting users, which could allow attackers to make a logged in admin delete non admin users by knowing their email via a CSRF attack

← Browse all CVEs View on cve.org ↗