Wp-Customerarea: Security Vulnerabilities
The WP Customer Area WordPress plugin before 8.1.4 does not have CSRF checks when performing some actions such as chmod, mkdir and copy, which could allow attackers to make a logged-in admin perform them and create arbitrary folders, copy file for example.
CVSS Score
7.1
EPSS Score
0.007
Published
2023-02-13