CVE-2026-40581 | ChurchCRM up to 7.1.x Family Record Deletion Endpoint SelectDelete.php cross-site request forgery (GHSA-6qxv-xw9j-77pj)

A vulnerability marked as problematic has been reported in ChurchCRM up to 7.1.x. The impacted element is an unknown function of the file SelectDelete.php of the component Family Record Deletion Endpoint. The manipulation leads to cross-site request forgery.

This vulnerability is referenced as CVE-2026-40581. Remote exploitation of the attack is possible. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More