CVE-2016-10883by Jeremyin Security Bulletinson Posted on August 14, 2019 The simple-add-pages-or-posts plugin before 1.7 for WordPress has CSRF for deleting users.