cleantalk
Vulnerabilities and Security Researches

Export All Posts, Products, Orders, Refunds & Users, CVE-2016-11000

CVE, Research URL

CVE-2016-11000

Home page URL

Security reports for Export All Posts, Products, Orders, Refunds & Users

Application

Export All Posts, Products, Orders, Refunds & Users

Published on
Sep 20, 2019
Research Description
The wp-ultimate-exporter plugin through 1.1 for WordPress has SQL injection via the export_type_name parameter.
Affected versions
Min -, max 1.2.
Status
vulnerable
Previous vulnerability researches
Export All Posts, Products, Orders, Refunds & Users (CVE-2023-45066) , Jun 07, 2024
Export All Posts, Products, Orders, Refunds & Users (CVE-2016-11000) , Jun 07, 2024
Export All Posts, Products, Orders, Refunds & Users (CVE-2018-20968) , Jun 07, 2024
Export All Posts, Products, Orders, Refunds & Users (CVE-2023-2487) , Jun 07, 2024
Export All Posts, Products, Orders, Refunds & Users (CVE-2024-12315) , Feb 16, 2025
New vulnerability
User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin (CVE-2025-2594) , Apr 03, 2025
xili-dictionary (CVE-2025-30840) , Apr 03, 2025
Page Takeover (CVE-2025-31470) , Apr 03, 2025
Administrator Z (CVE-2025-2815) , Apr 03, 2025
Custom Fields Account Registration For Woocommerce (CVE-2025-30888) , Apr 03, 2025