CVE-2021-24780

low-risk
Published 2021-12-13

The Single Post Exporter WordPress plugin through 1.1.1 does not have CSRF checks when saving its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and give access to the export feature to any role such as subscriber. Subscriber users would then be able to export an arbitrary post/page (such as private and password protected) via a direct URL

Do I need to act?

-
0.10% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
4
CVSS 4.3/10 Medium
NETWORK / LOW complexity

Affected Products (1)

Single Post Exporter

Affected Vendors

Single Post Exporter Project

References (2)

Exploit https://wpscan.com/vulnerability/8764e550-4127-471e-84e6-494d6106a3b0
Exploit https://wpscan.com/vulnerability/8764e550-4127-471e-84e6-494d6106a3b0
23
/ 100
low-risk
Severity 18/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal