ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Attachment Export Plugin <= 0.2.3 - Unauthenticated File Download

Product
Attachment Export
Description
Because of this vulnerability, an unauthenticated user can download the XML data that holds all the details of attachments/posts on a Wordpress powered site.
Solution
Update the plugin.
Classification
Type BYPASS
References
Packet Storm Security
SecLists
CVE
Name CVE-N/A
Versions
Affected In <= 0.2.3
Fixed In 0.2.4
Disclosure date
2015-07-15
Submitter
ThreatPress