Arbitrary Transaction Deletion via Cross-Site Request Forgery (CSRF) vulnerability discovered by Muhamad Hidayat in WordPress Simple Membership plugin (versions <= 4.0.9).
Update the WordPress Simple Membership plugin to the latest available version (at least 4.1.0).