WordPress Export All Posts, Products, Orders, Refunds & Users plugin <= 2.19 - Cross-Site Request Forgery to Sensitive Information Exposure vulnerability

Cross-Site Request Forgery to Sensitive Information Exposure vulnerability discovered by luckybuddy in WordPress Plugin WP Ultimate Exporter versions = 2.19...

PT-2025-5446 · Smackcoders · Smackcoders Wp Ultimate Exporter

Name of the Vulnerable Software and Affected Versions: Smackcoders WP Ultimate Exporter versions n/a through 2.9 Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as 'Path Traversal', which allows Absolute Path Traversal. This means th...