Social Metrics Tracker <= 1.6.8 – Unauthorised Data Export

Description

The lack of proper authorisation when exporting data from the plugin could allow unauthenticated users to get information about the posts and page of the blog, including their author's username and email.

The plugin is still affected and has been closed.

Proof of Concept

curl https://example.com/wp-admin/admin-ajax.php?page=social-metrics-tracker-export&smt_download_export_file=1

Affects Plugins

social-metrics-tracker

No known fix

Miscellaneous

Verified

Yes

WPVDB ID

f4eed3ba-2746-426f-b030-a8c432defeb2

Timeline

Publicly Published

2019-09-18 (about 6 years ago)

Added

2020-03-02 (about 5 years ago)

Last Updated

2020-03-02 (about 5 years ago)

Other

Published

Title

Published

2020-05-06

Title

Elementor < 2.9.8 - SVG Sanitizer Bypass leading to Authenticated Stored XSS

Published

2014-06-26

Title

JSON REST API 1.1 - JSONP SOP Bypass

Published

2025-06-26

Title

Stop User Enumeration < 1.7.3 - Protection Bypass

Published

2019-04-24

Title

WP Database Backup < 5.2 - Unauthenticated OS Command Injection

Published

2021-11-30

Title

LiteSpeed Cache < 4.4.4 - IP Check Bypass to Unauthenticated Stored XSS