The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Sensitive Information Exposure via Directory Listing due to missing restriction in export folder indexing in versions up to, and including, 7.9.8. This makes it possible for unauthenticated attackers to list and view exported files.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Wordfence
Published: 2023-08-04T02:04:27.318Z
Updated: 2024-08-02T07:17:12.134Z
Reserved: 2023-08-03T13:53:20.933Z
Link: CVE-2023-4139
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-08-04T03:15:13.813
Modified: 2024-11-21T08:34:28.247
Link: CVE-2023-4139
Redhat
No data.