CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-4266

The Bulk Delete Users by Email WordPress plugin through 1.2 does not have CSRF check when deleting users, which could allow attackers to make a logged in admin delete non admin users by knowing their email via a CSRF attack

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.4%

CVSS Severity

CVSS v3 Score 6.5

References

https://wpscan.com/vulnerability/1bcda9d3-c573-441e-828f-055fbec2e08d
https://wpscan.com/vulnerability/1bcda9d3-c573-441e-828f-055fbec2e08d

Products affected by CVE-2022-4266

Speakdigital » Bulk Delete Users By Email » Version: N/A

cpe:2.3:a:speakdigital:bulk_delete_users_by_email:-
Speakdigital » Bulk Delete Users By Email » Version: 1.2

cpe:2.3:a:speakdigital:bulk_delete_users_by_email:1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-4266

Products

Pricing

Contact Us