Security Advisory

CVE-2023-4724

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-18 20:08:04

Last updated 2025-05-20 17:58:39

Assigner WPScan

State PUBLISHED

Description

The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0, WP All Export Pro WordPress plugin before 1.8.6 does not validate and sanitise the `wp_query` parameter which allows an attacker to run arbitrary command on the remote server

← Browse all CVEs View on cve.org ↗