The Export All URLs WordPress plugin prior to 4.3 does not have a CSRF check in place when exporting data, which could allow malicious users to make a logged-in admin export all posts and pages (including private and draft) into an arbitrary CSV file, which the attacker can then download to retrieve, for example, the list of titles.
Vulnerable Product |
---|
atlasgondal export all urls |
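
The missing check described above, shown as an added example of a hardened export handler; this is not the plugin's code. The `demo_` names and the `manage_options` capability are assumptions, and only standard WordPress APIs are used.

```php
<?php
// Hypothetical plugin code for illustration; every demo_ / DEMO_ name is an assumption.
const DEMO_EXPORT_ACTION = 'demo_export_urls';

// Admin-page form: wp_nonce_field() embeds a token bound to the user, session and action.
function demo_render_export_form() {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="<?php echo esc_attr( DEMO_EXPORT_ACTION ); ?>">
        <?php wp_nonce_field( DEMO_EXPORT_ACTION, 'demo_export_nonce' ); ?>
        <?php submit_button( 'Export URLs' ); ?>
    </form>
    <?php
}

function demo_handle_export() {
    // Authorization: only users allowed to manage the site may export.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }

    // CSRF check: stops the request unless a valid nonce for this action was submitted,
    // so a request forged from another site does not reach the export code.
    check_admin_referer( DEMO_EXPORT_ACTION, 'demo_export_nonce' );

    // Stream the CSV to the requesting admin instead of writing it to a path taken
    // from the request; nothing is left on disk for a third party to download.
    nocache_headers();
    header( 'Content-Type: text/csv; charset=utf-8' );
    header( 'Content-Disposition: attachment; filename="urls-export.csv"' );

    $out = fopen( 'php://output', 'w' );
    fputcsv( $out, array( 'ID', 'Title', 'URL' ) );

    $posts = get_posts( array(
        'post_type'   => array( 'post', 'page' ),
        'numberposts' => -1,
    ) );
    foreach ( $posts as $post ) {
        fputcsv( $out, array( $post->ID, $post->post_title, get_permalink( $post ) ) );
    }
    fclose( $out );
    exit;
}
// admin_post_{action} fires only for logged-in users; the nonce check is still required.
add_action( 'admin_post_' . DEMO_EXPORT_ACTION, 'demo_handle_export' );
```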