Unrated severityNVD Advisory· Published Feb 13, 2023· Updated Apr 3, 2025

WP Customer Area < 8.1.4 - Unauthorised Actions via CSRF

CVE-2022-4745

Description

The WP Customer Area WordPress plugin before 8.1.4 does not have CSRF checks when performing some actions such as chmod, mkdir and copy, which could allow attackers to make a logged-in admin perform them and create arbitrary folders, copy file for example.

Affected products

Unknown/Wp Customer Areav5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

wpscan.com/vulnerability/9703f42e-bdfe-4787-92c9-47963d9af425mitreexploitvdb-entrytechnical-description

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000