The Helpful WordPress plugin prior to 4.5.26 puts the exported logs and feedbacks in a publicly accessible location and guessable names, which could allow malicious users to download them and retrieve sensitive information such as IP, Names and Email Address depending on the plugin's settings
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
helpful project helpful |