Vulnerabilities > CVE-2022-4745 - Unspecified vulnerability in Wp-Customerarea WP Customer Area
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
LOW Availability impact
NONE Summary
The WP Customer Area WordPress plugin before 8.1.4 does not have CSRF checks when performing some actions such as chmod, mkdir and copy, which could allow attackers to make a logged-in admin perform them and create arbitrary folders, copy file for example.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |