VYPR
Medium severity5.3NVD Advisory· Published May 4, 2026· Updated May 4, 2026

CVE-2026-5335

CVE-2026-5335

Description

The Magic Export & Import WordPress plugin before 1.2.0 stores exported CSV files at a publicly accessible location, making it possible for any visitors to leak sensitive user information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

1