Cross-site request forgery (CSRF) vulnerability in the Facebook Members plugin before 5.0.5 for WordPress allows remote attackers to hijack the authentication of administrators for requests that modify this plugin's settings.Referenceshttp://wordpress.org/extend/plugins/facebook-members/changelog/http://secunia.com/advisories/52962
