Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlasgondal export all urls vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2022-0892
The Export All URLs WordPress plugin prior to 4.2 does not sanitise and escape the CSV filename before outputting it back in the page, leading to a Reflected Cross-Site Scripting
Atlasgondal Export All Urls
4.3
CVSSv2
CVE-2022-0914
The Export All URLs WordPress plugin prior to 4.3 does not have CSRF in place when exporting data, which could allow malicious users to make a logged in admin export all posts and pages (including private and draft) into an arbitrary CSV file, which the attacker can then download...
Atlasgondal Export All Urls
3.5
CVSSv2
CVE-2022-29452
Authenticated (editor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Export All URLs plugin <= 4.1 at WordPress.
Atlasgondal Export All Urls
NA
CVE-2023-3118
The Export All URLs WordPress plugin prior to 4.6 does not sanitise and escape a parameter before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Atlasgondal Export All Urls
NA
CVE-2022-27856
Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Atlas Gondal Export All URLs plugin <= 4.1 versions.
Atlasgondal Export All Urls
NA
CVE-2022-2638
The Export All URLs WordPress plugin prior to 4.4 does not validate the path of the file to be removed on the system which is supposed to be the CSV file. This could allow high privilege users to delete arbitrary file from the server
Atlasgondal Export All Urls
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started