Description
WordPress Plugin Members Import is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin Members Import version 1.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.4 or latest
References
Related Vulnerabilities
WordPress Server-Side Request Forgery (3.7 - 6.1.1)
WordPress Plugin WordPress Access Areas Security Bypass (1.3.0)
OpenSSL Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2019-1559)
WordPress Plugin http:BL Multiple Vulnerabilities (1.9.1)
Cherokee NULL Pointer Dereference Vulnerability (CVE-2020-12845)