cleantalk
Vulnerabilities and Security Researches

Export any WordPress data to XML/CSV, CVE-2021-24708

CVE, Research URL

CVE-2021-24708

Home page URL

Security reports for Export any WordPress data to XML/CSV

Application

Export any WordPress data to XML/CSV

Published on
Nov 08, 2021
Research Description
The Export any WordPress data to XML/CSV WordPress plugin before 1.3.1 does not escape its Export's Name before outputting it in Manage Exports settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Affected versions
max 1.3.1.
Status
vulnerable
Previous vulnerability researches
Export any WordPress data to XML/CSV (CVE-2022-1800) , Jun 06, 2024
Export any WordPress data to XML/CSV (CVE-2021-24708) , Jun 06, 2024
Export any WordPress data to XML/CSV (CVE-2026-1582) , Apr 15, 2026
Export any WordPress data to XML/CSV (CVE-2023-5882) , Jun 06, 2024
Export any WordPress data to XML/CSV (CVE-2023-5886) , Jun 06, 2024
New vulnerability
Customer Reviews for WooCommerce (CVE-2026-1316) , Apr 15, 2026
WP Recipe Maker (CVE-2026-1558) , Apr 15, 2026
Page and Post Clone (CVE-2026-2893) , Apr 15, 2026
Greenshift – animation and page builder blocks (CVE-2026-2589) , Apr 15, 2026
Greenshift – animation and page builder blocks (CVE-2026-1927) , Apr 15, 2026