Description
WordPress Plugin WP Customer Area is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin WP Customer Area version 8.1.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 8.1.4 or latest
References
https://wpscan.com/vulnerability/9703f42e-bdfe-4787-92c9-47963d9af425
https://plugins.svn.wordpress.org/customer-area/trunk/readme.txt
Related Vulnerabilities
ClipBucket Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3717)
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Directory Traversal (5.5.4)
Apache HTTP Server Other Vulnerability (CVE-2004-0942)
WordPress Plugin MouseWheel Smooth Scroll Cross-Site Request Forgery (5.6)
OpenSSL Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2026-31790)