Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlasgondal export all urls vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-2638
The Export All URLs WordPress plugin prior to 4.4 does not validate the path of the file to be removed on the system which is supposed to be the CSV file. This could allow high privilege users to delete arbitrary file from the server
Atlasgondal Export All Urls
6.1
CVSSv3
CVE-2023-3118
The Export All URLs WordPress plugin prior to 4.6 does not sanitise and escape a parameter before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Atlasgondal Export All Urls
6.1
CVSSv3
CVE-2022-0892
The Export All URLs WordPress plugin prior to 4.2 does not sanitise and escape the CSV filename before outputting it back in the page, leading to a Reflected Cross-Site Scripting
Atlasgondal Export All Urls
5.4
CVSSv3
CVE-2022-27856
Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Atlas Gondal Export All URLs plugin <= 4.1 versions.
Atlasgondal Export All Urls
6.5
CVSSv3
CVE-2022-0914
The Export All URLs WordPress plugin prior to 4.3 does not have CSRF in place when exporting data, which could allow malicious users to make a logged in admin export all posts and pages (including private and draft) into an arbitrary CSV file, which the attacker can then download...
Atlasgondal Export All Urls
4.8
CVSSv3
CVE-2022-29452
Authenticated (editor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Export All URLs plugin <= 4.1 at WordPress.
Atlasgondal Export All Urls
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started