UsersWP < 1.2.12 – Users Information Disclosure | CVE 2024-6477 | Plugin Vulnerabilities

Description

The plugin uses predictable filenames when an admin generates an export, which could allow unauthenticated attackers to download them and retrieve sensitive information such as IP, username, and email address

Proof of Concept

After an admin exports user data via `wp-admin/admin.php?page=userswp&tab=import-export)` a CSV file will be saved with the following name:
 
`uwp-users-export-YY-MM-DD-HH-MM.csv` in `/wp-content/uploads/cache/`

Affects Plugins

Fixed in 1.2.12

References

CVE

Classification

Type

SENSITIVE DATA DISCLOSURE

OWASP top 10

A3: Sensitive Data Exposure

CWE

CVSS

Miscellaneous

Original Researcher

Majdeddine Ben Hadj Brahim

Submitter

Majdeddine Ben Hadj Brahim

Verified

Yes

WPVDB ID

346c855a-4d42-4a87-aac9-e5bfc2242b16

Timeline

Publicly Published

2024-07-13 (about 1 year ago)

Added

2024-07-13 (about 1 year ago)

Last Updated

2024-07-13 (about 1 year ago)

Other

Published

Title

Published

2024-10-10

Title

The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce < 5.6.12 - Authenticated (Contributor+) Sensitive Information Exposure via content_template

Published

2025-12-06

Title

Rehub < 19.9.9.2 - Unauthenticated Information Exposure

Published

2025-12-23

Title

VPSUForm < 3.2.25 - Authenticated (Contributor+) Information Exposure

Published

2025-09-22

Title

WP < 6.8.3 - Contributor+ Sensitive Data Disclosure

Published

2024-03-29

Title

FG PrestaShop to WooCommerce < 4.47.0 - Unauthenticated Sensitive Information Disclosure