Impact
The vulnerability allows an attacker to trigger silent deletion of church records by getting a logged‑in user to visit one of the application's legacy delete URLs. Because the delete is performed on a plain GET request, with no confirmation step and no CSRF token, an attacker who lures an authenticated user holding the required role to such a URL (a link, an image tag or a redirect on a page the attacker controls) deletes the records the URL references with the victim's privileges. The loss covers the primary records, their associated properties and the cascading property‑to‑record links, and it is permanent. The weakness is a classic CSRF flaw (CWE‑352) combined with the server treating GET as if it were a safe, side‑effect‑free method (CWE‑650, Trusting HTTP Permission Methods on the Server Side).
Affected Systems
The issue exists in the open‑source ChurchCRM management system and affects any deployment running a version prior to 7.3.2. The affected code is in the legacy delete pages FundRaiserDelete.php, PropertyTypeDelete.php, and NoteDelete.php. The advisory names no earliest affected version; the fix ships in 7.3.2, and every earlier release should be treated as vulnerable.
Risk and Exploitability
This flaw carries a CVSS score of 8.1 (high). No EPSS score is provided, so the likelihood of exploitation in the wild is unknown, but the weakness is a common CSRF pattern that pairs naturally with social engineering or with a compromised user account. It is not listed in the CISA KEV catalog, so no active exploitation has been confirmed. The attacker needs a target user who is authenticated and holds delete privileges; they then craft a link, or embed the URL in a page they control, and the deletion happens as soon as the victim's browser requests it. No code execution or administrative access on the server is required, which makes the flaw attractive to low‑skill adversaries.
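The pattern described above, as an added example that is not ChurchCRM's own code: a legacy‑style GET delete page next to a hardened version that accepts the state change only on POST with a per‑session CSRF token. The NoteDelete.php path comes from the advisory; the ID parameter, the notes table and its note_id column, the NoteList.php redirect target and the currentUserMayDelete helper are hypothetical placeholders.

```php
<?php
// Added example, not ChurchCRM code. Table, column, parameter and helper names
// (notes, note_id, ID, currentUserMayDelete) are hypothetical placeholders.

declare(strict_types=1);

const CSRF_TOKEN_KEY = 'csrf_token';

/** Start the PHP session once, whichever function is called first. */
function ensureSession(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
}

/** Hypothetical role check; the real application has its own. */
function currentUserMayDelete(): bool
{
    return !empty($_SESSION['user_id']) && !empty($_SESSION['can_delete']);
}

/** Vulnerable: a GET carrying the victim's session cookie is all it takes. */
function legacyNoteDelete(PDO $db): void
{
    ensureSession();
    if (!currentUserMayDelete()) {
        http_response_code(403);
        return;
    }
    // <img src="https://crm.example/NoteDelete.php?ID=42"> on any page the victim
    // visits makes the browser issue this request with the victim's cookies.
    $id = (int) ($_GET['ID'] ?? 0);
    $db->prepare('DELETE FROM notes WHERE note_id = ?')->execute([$id]);
    header('Location: /NoteList.php');
}

/** Issue (once per session) the token that the delete form must echo back. */
function csrfToken(): string
{
    ensureSession();
    if (empty($_SESSION[CSRF_TOKEN_KEY])) {
        $_SESSION[CSRF_TOKEN_KEY] = bin2hex(random_bytes(32));
    }
    return $_SESSION[CSRF_TOKEN_KEY];
}

/** Hardened: state change only on POST, only with a matching per-session token. */
function hardenedNoteDelete(PDO $db): void
{
    ensureSession();
    if (!currentUserMayDelete()) {
        http_response_code(403);
        return;
    }
    // CWE-650: a GET (or HEAD) must never perform the delete, whatever else is checked.
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        http_response_code(405);
        header('Allow: POST');
        return;
    }
    // CWE-352: the token comes from the request body, never the query string,
    // and is compared in constant time against the copy held in the session.
    $sent     = $_POST[CSRF_TOKEN_KEY] ?? '';
    $expected = $_SESSION[CSRF_TOKEN_KEY] ?? '';
    if ($expected === '' || !is_string($sent) || !hash_equals($expected, $sent)) {
        http_response_code(403);
        return;
    }
    $id = filter_input(INPUT_POST, 'ID', FILTER_VALIDATE_INT);
    if ($id === false || $id === null) {
        http_response_code(400);
        return;
    }
    $db->prepare('DELETE FROM notes WHERE note_id = ?')->execute([$id]);
    header('Location: /NoteList.php', true, 303);
}

/** The confirmation form that replaces the bare delete link. */
function deleteFormHtml(int $id): string
{
    $token = htmlspecialchars(csrfToken(), ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="/NoteDelete.php">'
        . '<input type="hidden" name="ID" value="' . $id . '">'
        . '<input type="hidden" name="' . CSRF_TOKEN_KEY . '" value="' . $token . '">'
        . '<button type="submit">Delete note</button></form>';
}
```

The method check and the token check are both needed: a SameSite=Lax session cookie is still sent on a top‑level cross‑site GET navigation such as a link, so Lax cookies alone do not stop the legacy page, and a token that is only checked on POST is useless while the GET path still deletes.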
OpenCVE Enrichment