cleantalk
Vulnerabilities and Security Researches

Export any WordPress data to XML/CSV, CVE-2023-4724

CVE, Research URL

CVE-2023-4724

Home page URL

Security reports for Export any WordPress data to XML/CSV

Application

Export any WordPress data to XML/CSV

Published on
Dec 19, 2023
Research Description
The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0, WP All Export Pro WordPress plugin before 1.8.6 does not validate and sanitise the `wp_query` parameter which allows an attacker to run arbitrary command on the remote server
Affected versions
max 1.4.1.
Status
vulnerable
Previous vulnerability researches
Export any WordPress data to XML/CSV (CVE-2022-1800) , Jun 06, 2024
Export any WordPress data to XML/CSV (CVE-2021-24708) , Jun 06, 2024
Export any WordPress data to XML/CSV (CVE-2026-1582) , Apr 15, 2026
Export any WordPress data to XML/CSV (CVE-2023-5882) , Jun 06, 2024
Export any WordPress data to XML/CSV (CVE-2023-5886) , Jun 06, 2024
New vulnerability
Customer Reviews for WooCommerce (CVE-2026-1316) , Apr 15, 2026
WP Recipe Maker (CVE-2026-1558) , Apr 15, 2026
Page and Post Clone (CVE-2026-2893) , Apr 15, 2026
Greenshift – animation and page builder blocks (CVE-2026-2589) , Apr 15, 2026
Greenshift – animation and page builder blocks (CVE-2026-1927) , Apr 15, 2026