Amelia < 1.0.46 - Arbitrary Customer Deletion via CSRF
CVE-2022-0616
4.3MEDIUM
What is CVE-2022-0616?
The Amelia WordPress plugin before 1.0.47 does not have CSRF check in place when deleting customers, which could allow attackers to make a logged in admin delete arbitrary customers via a CSRF attack
Affected Version(s)
Amelia – Events & Appointments Booking Calendar 1.0.47