CVE-2022-4266

Published: Dec 26, 2022

Modified: Apr 14, 2025

PUBLISHED

Description

The Bulk Delete Users by Email WordPress plugin through 1.2 does not have CSRF check when deleting users, which could allow attackers to make a logged in admin delete non admin users by knowing their email via a CSRF attack

Vendor	Product	Versions
Unknown	Bulk Delete Users by Email	affected `0 - <= 1.2`

References

https://wpscan.com/vulnerability/1bcda9d3-c573-441e-828f-055fbec2e08d

exploit

vdb-entry

technical-description

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-4266

Description

Affected Products

References