Unrated severityNVD Advisory· Published Aug 3, 2024· Updated Aug 27, 2025
UsersWP < 1.2.12 - Users Information Disclosure
CVE-2024-6477
Description
The UsersWP WordPress plugin before 1.2.12 uses predictable filenames when an admin generates an export, which could allow unauthenticated attackers to download them and retrieve sensitive information such as IP, username, and email address
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/346c855a-4d42-4a87-aac9-e5bfc2242b16/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.