WordPress WP Import Export premium plugin <= 3.9.15 - Unauthenticated Sensitive Data Disclosure vulnerability

2022-01-1400:00:00

Karan Saini

patchstack.com

0.002 Low

EPSS

Percentile

53.0%

Unauthenticated Sensitive Data Disclosure vulnerability discovered by Karan Saini in WordPress WP Import Export premium plugin (versions <= 3.9.15).

Solution

           Update the WordPress WP Import Export premium plugin to the latest available version (at least 3.9.16).

CPENameOperatorVersion
wp import exportle3.9.15

CPE	Name	Operator	Version
	wp import export	le	3.9.15

plugins.vjinfotech.com/wordpress-import-export/change-log/

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0236

www.wordfence.com/vulnerability-advisories/#CVE-2022-0236

0.002 Low

EPSS

Percentile

53.0%

Related for PATCHSTACK:EFDE1816CDDA76674B375F461BD3B377