WordPress Plugin Vulnerabilities

WP Ultimate Exporter < 2.9.1 - Authenticated (Admin+) Arbitrary File Read

Description

The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.9. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.

Affects Plugins

Plugin icon
wp-ultimate-exporter
Fixed in 2.9.1

References

CVE
CVE-2025-24611
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/72fb0557-27ac-40fe-8440-06c89e1133be

Classification

Type
LFI
OWASP top 10
A1: Injection
CWE
CWE-22
CVSS
4.9 (medium)

Miscellaneous

Original Researcher
I8BL
Verified
No
WPVDB ID
a2c47608-e29e-4890-8e0d-f9878a8ee6bb

Timeline

Publicly Published
2025-01-24 (about 1 year ago)
Added
2025-01-28 (about 1 year ago)
Last Updated
2025-01-28 (about 1 year ago)

Other

Published
Title
Published
2026-01-27
Title
Snow Monkey Forms < 12.0.4 - Unauthenticated Arbitrary File Deletion
Published
2017-02-10
Title
Javo Spot Premium Theme - Unauthenticated Directory Traversal
Published
2026-01-13
Title
Anona <= 8.0 - Unauthenticated Arbitrary File Deletion
Published
2025-02-17
Title
Keap Official Opt-in Forms < 2.0.2 - Unauthenticated Limited Local File Inclusion
Published
2024-05-10
Title
WP Fastest Cache < 1.2.7 - Admin+ Arbitrary File Deletion