4 Mar 2020

Authenticated Information Disclosure Vulnerability in WP Ultimate Exporter

On Monday, while looking into why the plugin WP Ultimate CSV Importer was being targeted by a hacker, we noticed that the companion plugin WP Ultimate Exporter is similarly insecure and contains an authenticated information disclosure vulnerability, which can also be exploited through cross-site request forgery (CSRF). This isn’t the first time we have found an issue with this plugin; we put out a general warning about the security of the developer’s plugins back in 2016.

The plugin registers the function parseData() to be accessible through WordPress’ AJAX functionality to anyone logged in to WordPress: [Read more]

4 Mar 2016

Information Disclosure Vulnerability in WP Ultimate Exporter

There are certain kinds of plugins for which you would hope that anyone developing one would be very careful, one of those being a plugin that allows you to export non-public data from WordPress. That unfortunately isn’t always the case, as the following vulnerability shows (and another vulnerability whose details we will release at a later date).

WP Ultimate Exporter is a plugin that allows you to export posts, pages, and custom posts as CSV files. While reviewing a report of a SQL injection vulnerability in the plugin, we noticed that there was another connected issue: the plugin allows anyone to perform an export operation and get the resulting file. That clearly is not the intent, as the plugin’s page in the WordPress admin area is only available to users with the Admin role. Unfortunately, none of the code run when the actual request for an export is made checks that the request comes from an admin user. [Read more]