Description
WordPress Plugin Facebook Members is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin Facebook Members version 5.0.4 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 5.0.5 or latest
References
Related Vulnerabilities
WordPress Plugin Contact Form Email Information Disclosure (1.2.66)
WordPress Plugin weForms-Easy Drag & Drop Contact Form Builder CSV Injection (1.4.7)
WordPress Plugin DX-Contribute Cross-Site Request Forgery (1.2.0)
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2020-12603)
WordPress Plugin CP Image Store with Slideshow Arbitrary File Download (1.0.5)