WordPress Plugin Vulnerabilities

WP All Export (Free < 1.4.1, Pro < 1.8.6) - Remote Code Execution via CSRF

Description

The plugin does not check nonce tokens early enough in the request lifecycle, allowing attackers to make logged in users perform unwanted actions leading to remote code execution.

Proof of Concept

Affects Plugins

Plugin icon
wp-all-export
Fixed in 1.4.1
Plugin icon
wp-all-export-pro
Fixed in 1.8.6

References

CVE
CVE-2023-5882

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
9.6 (critical)

Miscellaneous

Original Researcher
Francesco Marano (@mrnfrancesco), Donato Di Pasquale (@ddipa)
Submitter
Unlock Security
Submitter website
https://www.unlock-security.it/
Submitter twitter
unlock_security
Verified
Yes
WPVDB ID
72be4b5c-21be-46af-a3f4-08b4c190a7e2

Timeline

Publicly Published
2023-11-21 (about 2 years ago)
Added
2023-11-21 (about 2 years ago)
Last Updated
2023-11-21 (about 2 years ago)

Other

Published
Title
Published
2024-01-30
Title
Don't Muck My Markup <= 1.8 - Cross-Site Request Forgery
Published
2025-01-16
Title
Error Notification <= 0.2.7 - Cross-Site Request Forgery to Stored Cross-Site Scripting
Published
2025-11-24
Title
Conditional Maintenance Mode for WordPress < 2.0.0 - Cross-Site Request Forgery
Published
2025-06-05
Title
Interactive UK Regional Map <= 2.0 - Cross-Site Request Forgery
Published
2024-12-12
Title
AppMaps <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting