A vulnerability was found in brooks24 admin-word-count-column 2.2 on WordPress. It has been classified as critical . This affects an unknown function of the file download-csv.php . This manipulation of the argument path causes path traversal. This vulnerability is tracked as CVE-2022-50953 . The attack is possible to be carried out remotely. Moreover, an exploit is present.