CVE-2022-4023: 
WordPress vulnerability analysis and mitigation

The vulnerability (CVE-2022-4023) affects the premium version of the WordPress plugin 3DPrint versions prior to 3.5.6.9. The vulnerability is related to Cross-Site Request Forgery (CSRF) in the modified version of Tiny File Manager included with the plugin, which allows attackers to create archives of arbitrary files from the target server by tricking logged-in administrators (Jetpack Blog, WPScan).

The vulnerability exists due to lack of CSRF protection in the modified Tiny File Manager module. The file manager functionality allows creation of zip or tar archives of selected files without proper path validation. The vulnerability has a CVSS score of 7.4 (High) with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N. The issue is classified as CWE-352 (Cross-Site Request Forgery) (WPScan).

The vulnerability allows attackers to create archives containing sensitive files like WordPress configuration files (wp-config.php) which contain database credentials and secrets. The created archive has a predictable location and name format (wp-content/uploads/p3d/archiveDDMMYYHHmmss.zip), making it possible for attackers to download the archived sensitive files if they know the submission time (Jetpack Blog).

The vulnerability has been fixed in version 3.5.6.9 of the 3DPrint plugin. For sites unable to update immediately, it is recommended to disable the file manager module and remove the file wp-content/plugins/3dprint/includes/ext/tinyfilemanager/tinyfilemanager.php if it exists (Jetpack Blog).