WP All Export (Free < 1.4.1, Pro < 1.8.6) - Remote Code Execution via CSRF
CVE-2023-5882

8.8 HIGH

Key Information:

Vendor: WordPress
CVE Published: 18 December 2023

Summary

The Export any WordPress data to XML/CSV plugin and the WP All Export Pro plugin are vulnerable because the nonce token is not adequately validated early in the request lifecycle. An attacker who can induce a logged-in user to issue a crafted request can bypass the nonce check and perform actions on that user's behalf, potentially leading to unauthorized actions and remote code execution. Because the nonce is the mechanism intended to prevent exactly this kind of cross-site request forgery, bypassing it defeats the plugin's security design and poses a significant risk to WordPress installations using these plugins.

Affected Version(s)

Export any WordPress data to XML/CSV 0 < 1.4.0

WP All Export Pro 0 < 1.8.6

References

CVSS V3.1

Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published
  • Vulnerability Reserved

Credit

Francesco Marano (@mrnfrancesco)
Donato Di Pasquale (@ddipa)
WPScan