CVE-2024-12637 Moving Users <= 1.05 - Unauthenticated Sensitive Information Exposure

The Moving Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.05 via the export functionality. The JSON files are stored in predictable locations with guessable file names when exporting user data. This could allow unauthenticated...

CVE-2024-12637

Public technical details about CVE-2024-12637 are not provided in the Connected documents. The Initial Description notes Sensitive Information Exposure via export in Moving Users (WordPress) up to v1.05, but no further technical specifics or patches are included here.

PT-2025-1922 · WordPress · Moving Users

Name of the Vulnerable Software and Affected Versions: Moving Users plugin for WordPress versions up to and including 1.05 Description: The Moving Users plugin for WordPress is vulnerable to sensitive information exposure in its export functionality. This issue arises because JSON files are store...

WordPress plugin Moving Users 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

WordPress Moving Users plugin <= 1.05 - Unauthenticated Sensitive Information Exposure vulnerability

Unauthenticated Sensitive Information Exposure vulnerability discovered by omstaendlig in WordPress Plugin Moving Users versions = 1.05...