VYPR

Single Post Exporter

by WordPress

CVEs (1)

  • CVE-2021-24780MedDec 13, 2021
    risk 0.28cvss 4.3epss 0.00

    The Single Post Exporter WordPress plugin through 1.1.1 does not have CSRF checks when saving its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and give access to the export feature to any role such as subscriber. Subscriber users…