Unknown · Micropayments - Paid Author Subscriptions · CVE-2022-27629
**Name of the Vulnerable Software and Affected Versions**
MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership versions prior to 1.9.6
**Description**
A cross-site request forgery (CSRF) issue allows a remote unauthenticated attacker to hijack the authentication of an administrator and perform unintended operations via unspecified vectors.
**Recommendations**
For versions prior to 1.9.6, update to version 1.9.6 or later to resolve the issue. As a temporary workaround, consider implementing additional authentication checks to minimize the risk of exploitation. Restrict access to sensitive operations to minimize the risk of unintended actions by an attacker.