CVE-2022-4745

Name of the Vulnerable Software and Affected Versions WP Customer Area versions prior to 8.1.4

Description The issue concerns a lack of CSRF checks for certain actions, such as chmod, mkdir, and copy. This could allow attackers to make a logged-in admin perform these actions, resulting in the creation of arbitrary folders or the copying of files.

Recommendations For versions prior to 8.1.4, update to version 8.1.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected plugin functionality until the update is applied.