Cyber Posture

CVE-2024-12315

High

Published: 12 February 2025
Modified: 25 February 2025
KEV Added:
Patch:
CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
EPSS Score: 0.0043 (62.6th percentile)
Risk Priority: 15 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Description

The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.3 via the exports directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads/smack_uci_uploads/exports/ directory which can contain information like exported user data.

Security Summary

CVE-2024-12315 is a sensitive information exposure vulnerability (CWE-922) in the Export All Posts, Products, Orders, Refunds & Users plugin for WordPress, affecting all versions up to and including 2.9.3. The flaw arises from insecure storage of exported data in the /wp-content/uploads/smack_uci_uploads/exports/ directory, which can be reached without authentication, exposing sensitive information such as exported user data.

Unauthenticated attackers can exploit this vulnerability remotely over the network with low attack complexity, requiring no privileges or user interaction. Successful exploitation enables extraction of sensitive data from the exports directory, resulting in high confidentiality impact but no integrity or availability effects, as reflected in the CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Advisories, including Wordfence threat intelligence, detail the issue and reference specific locations in the plugin's codebase, such as ExportExtension.php at line 1678 and changeset 3230400 in the wp-ultimate-exporter repository on the WordPress plugins trac. No patches are mentioned for affected versions.
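A defender-side check, added here as an example and not taken from the advisory or the plugin: parse web-server access logs and flag successful requests for anything under the exports directory named above. The log lines are constructed for illustration, and a 2xx response on the bare directory path is assumed to mean a directory listing was served.

```python
import re
from collections import defaultdict

# Constructed Apache "combined" format access-log lines (illustrative only).
SAMPLE_LOG = """\
203.0.113.10 - - [13/Feb/2025:10:01:02 +0000] "GET /wp-content/uploads/smack_uci_uploads/exports/ HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.10 - - [13/Feb/2025:10:01:05 +0000] "GET /wp-content/uploads/smack_uci_uploads/exports/users-2025-02-01.csv HTTP/1.1" 200 88123 "-" "Mozilla/5.0"
203.0.113.10 - - [13/Feb/2025:10:01:09 +0000] "GET /wp-content/uploads/smack_uci_uploads/exports/orders.xml HTTP/1.1" 404 312 "-" "curl/8.4"
192.0.2.44 - - [13/Feb/2025:10:05:11 +0000] "GET /wp-content/uploads/2025/02/logo.png HTTP/1.1" 200 4021 "-" "Mozilla/5.0"
"""

# Directory named in the advisory; web-reachable in affected plugin versions.
EXPORTS_PREFIX = "/wp-content/uploads/smack_uci_uploads/exports/"

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<bytes>\d+|-)'
)

def parse_line(line):
    """Parse one combined-format line; return None for lines that do not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["bytes"] = 0 if rec["bytes"] == "-" else int(rec["bytes"])
    return rec

def find_export_access(log_text):
    """Return 2xx requests under the exports directory. A hit on the bare
    directory path is labelled 'listing' (assumed directory index); a hit on a
    file path is labelled 'file' (an export was served to the client)."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        path = rec["path"].split("?", 1)[0]
        if path.startswith(EXPORTS_PREFIX) and 200 <= rec["status"] < 300:
            rec["kind"] = "listing" if path == EXPORTS_PREFIX else "file"
            hits.append(rec)
    return hits

def summarize_by_client(hits):
    """Per-IP request count, bytes served and whether a listing was retrieved,
    so the client that pulled the most export data stands out in triage."""
    summary = defaultdict(lambda: {"requests": 0, "bytes": 0, "listing": False})
    for h in hits:
        s = summary[h["ip"]]
        s["requests"] += 1
        s["bytes"] += h["bytes"]
        s["listing"] = s["listing"] or h["kind"] == "listing"
    return dict(summary)
```

Run `summarize_by_client(find_export_access(open(path).read()))` against a real access log to list clients that retrieved exports; any 2xx hit from an unrecognised client is worth treating as a potential data exposure.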

Details

CWE(s): CWE-922 (Insecure Storage of Sensitive Information)

Affected Products

Vendor: smackcoders
Product: Export All Posts, Products, Orders, Refunds & Users
Versions: ≤ 2.10
