Medium
CVSS 4.3
Overview
The Event Monster WordPress plugin before 1.2.0 does not have CSRF check when deleting visitors, which could allow attackers to make logged in admin delete arbitrary visitors via a CSRF attack
CVE-2022-3336
The Event Monster WordPress plugin before 1.2.0 does not have CSRF check when de...
Risk analysis
This vulnerability is rated 🟡 MEDIUM.
- CVSS: 4.3 (MEDIUM)
- Detected tags: none (tag impact: LOW)
Recommended actions:
- Prioritize remediation based on business criticality and exposure.
- Limit exposure and increase monitoring until fixed.