Vulnerabilities and security researches forexport-wp-page-to-static-html export-wp-page-to-static-html

May 27, 2026

CVE, Research URL: CVE-2026-24574
Home page URL: Security reports for Export WP Page to Static HTML/CSS
Application: Export WP Page to Static HTML/CSS
Date: May 26, 2026
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Recorp Export WP Page to Static HTML/CSS allows Cross Site Request Forgery. This issue affects Export WP Page to Static HTML/CSS: from n/a through 6.0.0.
Affected versions: max 6.0.1.
Status: vulnerable

Jan 10, 2026

CVE, Research URL: CVE-2025-11693
Home page URL: Security reports for Export WP Page to Static HTML/CSS
Application: Export WP Page to Static HTML/CSS
Date: Dec 13, 2025
Research Description: The Export WP Page to Static HTML & PDF plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.4 through publicly exposed cookies.txt files containing authentication cookies. This makes it possible for unauthenticated attackers to cookies that may have been injected into the log file if the site administrator triggered a back-up using a specific user role like 'administrator.'
Affected versions: max 5.0.0.
Status: vulnerable

Oct 11, 2025

CVE, Research URL: CVE-2025-58980
Home page URL: Security reports for Export WP Page to Static HTML/CSS
Application: Export WP Page to Static HTML/CSS
Date: Sep 09, 2025
Research Description: Missing Authorization vulnerability in recorp Export WP Page to Static HTML/CSS allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Export WP Page to Static HTML/CSS: from n/a through 4.1.0.
Affected versions: max 4.2.0.
Status: vulnerable

Jun 21, 2024

CVE, Research URL: CVE-2024-3597
Home page URL: Security reports for Export WP Page to Static HTML/CSS
Application: Export WP Page to Static HTML/CSS
Date: Jun 20, 2024
Research Description: The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 2.2.2. This is due to insufficient validation on the redirect url supplied via the rc_exported_zip_file parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.
Affected versions: max 2.2.3.
Status: vulnerable

Jun 06, 2024

CVE, Research URL: CVE-2023-6369
Home page URL: Security reports for Export WP Page to Static HTML/CSS
Application: Export WP Page to Static HTML/CSS
Date: Jan 11, 2024
Research Description: The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on multiple AJAX actions in all versions up to, and including, 2.1.9. This makes it possible for authenticated attackers, with subscriber-level access and above, to disclose sensitive information or perform unauthorized actions, such as saving advanced plugin settings.
Affected versions: max 2.2.0.
Status: vulnerable

CVE, Research URL: CVE-2023-31077
Home page URL: Security reports for Export WP Page to Static HTML/CSS
Application: Export WP Page to Static HTML/CSS
Date: Nov 10, 2023
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in ReCorp Export WP Page to Static HTML/CSS plugin <= 2.1.9 versions.
Affected versions: max 2.2.0.
Status: vulnerable