Vulnerability CVE-2022-3336


Published: 2022-11-21

Description:
The Event Monster WordPress plugin before 1.2.0 does not have CSRF check when deleting visitors, which could allow attackers to make logged in admin delete arbitrary visitors via a CSRF attack

Type:

CWE-352

(Cross-Site Request Forgery (CSRF))

 References:
https://wpscan.com/vulnerability/57bc6633-1aeb-4c20-a2a5-9b3fa10ba95d

Copyright 2026, cxsecurity.com

 

Back to Top