exploitDog

CVE-2026-24986

Опубликовано: 03 фев. 2026

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

Cross-Site Request Forgery (CSRF) vulnerability in wp.insider Simple Membership WP user Import simple-membership-wp-user-import allows Cross Site Request Forgery.This issue affects Simple Membership WP user Import: from n/a through <= 1.9.1.

Ссылки

https://patchstack.com/database/Wordpress/Plugin/simple-membership-wp-user-import/vulnerability/wordpress-simple-membership-wp-user-import-plugin-1-9-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

EPSS

Процентиль: 2%

0.00015

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-352

Связанные уязвимости

GHSA-j9hv-8hcm-6q67

CVSS3: 5.4

github

4 дня назад

Cross-Site Request Forgery (CSRF) vulnerability in wp.insider Simple Membership WP user Import simple-membership-wp-user-import allows Cross Site Request Forgery.This issue affects Simple Membership WP user Import: from n/a through <= 1.9.1.

EPSS

Процентиль: 2%

0.00015

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-352