High severity7.2NVD Advisory· Published Oct 25, 2022· Updated Jun 17, 2026
CVE-2022-3394
CVE-2022-3394
Description
The WP All Export Pro WordPress plugin before 1.7.9 does not limit some functionality during exports only to users with the Administrator role, allowing any logged in user which has been given privileges to perform exports to execute arbitrary code on the site. By default only administrators can run exports, but the privilege can be delegated to lower privileged users.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <1.7.9
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/3266eb59-a8b2-4a5a-ab48-01a9af631b2cnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.