← Back

Single Post Exporter

single_post_exporter

Vendor: Single Post Exporter Project • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-24780
1Single Post Exporter Project
1Single Post Exporter
Jun 17, 2026
Dec 13, 2021
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
The Single Post Exporter WordPress plugin through 1.1.1 does not have CSRF checks when saving its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and give access to the expor...Show more
The Single Post Exporter WordPress plugin through 1.1.1 does not have CSRF checks when saving its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and give access to the export feature to any role such as subscriber. Subscriber users would then be able to export an arbitrary post/page (such as private and password protected) via a direct URLShow less