Cross-Site Request Forgery in Church Admin Plugin for WordPress
CVE-2018-20971
8.8HIGH
What is CVE-2018-20971?
The Church Admin plugin for WordPress, prior to version 1.2550, is susceptible to Cross-Site Request Forgery (CSRF), which may allow unauthorized upload of a bible reading plan. This vulnerability could be exploited by an attacker to perform actions on behalf of a user without their consent, potentially compromising the integrity of user data.