CVE-2022-4745 Information

Description

The WP Customer Area WordPress plugin before 8.1.4 does not have CSRF checks when performing some actions such as chmod mkdir and copy which could allow attackers to make a logged-in admin perform them and create arbitrary folders copy file for example.

Reference

https://wpscan.com/vulnerability/9703f42e-bdfe-4787-92c9-47963d9af425