Description
WordPress Plugin Aspose Importer & Exporter is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently verify user-supplied input. This may allow an attacker to gain access to sensitive information, which may aid in launching further attacks. WordPress Plugin Aspose Importer & Exporter versions 2.0 and prior are vulnerable.
Remediation
Edit the source code to ensure that input is properly verified or disable the plugin until a fix is available
References
Related Vulnerabilities
WordPress Plugin Timeline Calendar SQL Injection (1.2)
Drupal Core 8.5.x Remote Code Execution (8.5.0 - 8.5.2)
SugarCRM Other Vulnerability (CVE-2006-2460)
MySQL CVE-2022-21342 Vulnerability (CVE-2022-21342)
Mailman Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2021-42096)