5 matches found
CVE-2023-4724 WP All Export (Free < 1.4.0, Pro < 1.8.6) - Admin+ RCE
The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0, WP All Export Pro WordPress plugin before 1.8.6 does not validate and sanitise the wpquery parameter which allows an attacker to run arbitrary command on the remote server...
CVE-2023-4724
CVE-2023-4724 affects WP All Export (free) < 1.4.0 and WP All Export Pro
CVE-2023-4724 WP All Export (Free < 1.4.0, Pro < 1.8.6) - Admin+ RCE
The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0, WP All Export Pro WordPress plugin before 1.8.6 does not validate and sanitise the wpquery parameter which allows an attacker to run arbitrary command on the remote server...
WordPress Export any WordPress data to XML/CSV Plugin < 1.4.0 is vulnerable to Remote Code Execution (RCE)
Software Export any WordPress data to XML/CSV Type Plugin Vulnerable versions 1.4.0 Fixed in 1.4.0 OWASP Top 10 A3: Injection Classification Remote Code Execution RCE CVE CVE-2023-4724 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID 6a309d1d1825 Credits Francesco Marano...
WordPress WP ALL Export Pro Plugin < 1.8.6 is vulnerable to Remote Code Execution (RCE)
Software WP ALL Export Pro Type Plugin Vulnerable versions 1.8.6 Fixed in 1.8.6 OWASP Top 10 A3: Injection Classification Remote Code Execution RCE CVE CVE-2023-4724 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID 62d42aeded33 Credits Francesco Marano @mrnfrancesco Donato ...