CVE-2022-27629
N/A
N/A
Summary
Cross-site request forgery (CSRF) vulnerability in 'MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership' versions prior to 1.9.6 allows a remote unauthenticated attacker to hijack the authentication of an administrator and perform unintended operation via unspecified vectors.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| VideoWhisper | MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership | versions prior to 1.9.6 | affected |
Weaknesses
- Cross-site request forgery
ADP Enrichment
CVE Program Container
Additional References
- https://plugins.trac.wordpress.org/changeset?new=2362275%40paid-membership&old=2345274%40paid-membership
- https://wordpress.org/plugins/paid-membership/
- https://jvn.jp/en/jp/JVN31606885/index.html
References
- https://plugins.trac.wordpress.org/changeset?new=2362275%40paid-membership&old=2345274%40paid-membership
- https://wordpress.org/plugins/paid-membership/
- https://jvn.jp/en/jp/JVN31606885/index.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.