Description
WordPress Plugin WP Attachment Export is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently verify user-supplied input. This may allow an attacker to gain access to sensitive information, which may aid in launching further attacks. WordPress Plugin WP Attachment Export version 0.2.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 0.2.4 or latest
References
Related Vulnerabilities
Drupal Reliance on Cookies without Validation and Integrity Checking Vulnerability (CVE-2022-29248)
MySQL CVE-2019-2691 Vulnerability (CVE-2019-2691)
WordPress Plugin Backup Migration Information Disclosure (1.2.8)
Atlassian Jira Improper Authentication Vulnerability (CVE-2021-39119)
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-37149)