CVE-2022-3208

Name of the Vulnerable Software and Affected Versions Simple File List WordPress plugin versions prior to 4.4.12

Description The issue concerns the lack of nonce checks in the Simple File List WordPress plugin, which could allow attackers to perform a CSRF attack. This attack could enable attackers to make a logged-in admin create a new page and change its content.

Recommendations For versions prior to 4.4.12, update to version 4.4.12 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin's functionality to minimize the risk of exploitation.