Technical Advisory

Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.

Technical Advisory

Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.

WP ALL Export Pro < 1.7.9 – Authenticated Code Injection

Vulnerability

WP ALL Export Pro < 1.7.9 – Authenticated Code Injection

Description

The plugin does not limit some functionality during exports only to users with the Administrator role, allowing any logged in user which has been given privileges to perform exports to execute arbitrary code on the site. By default only administrators can run exports, but the privilege can be delegated to lower privileged users.

CVE-ID

CVE-2022-3394

Vendor

Soflyy

Product

WP ALL Export Pro

Disclosure Timeline

Reported On: 18-08-2022

Made Public On: 03-10-2022

Fixed On: 30-08-2022

Credits

Sanjay Das

DOWNLOAD A SAMPLE REPORT

Fill in your details and get your copy of sample report in few seconds

DOWNLOAD A SAMPLE REPORT

Fill in your details and get your copy of sample report in few seconds

DOWNLOAD A SAMPLE REPORT

Fill in your details and get your copy of sample report in few seconds

DOWNLOAD A SAMPLE REPORT

Fill in your details and get your copy of sample report in few seconds

DOWNLOAD A SAMPLE REPORT

Fill in your details and get your copy of sample report in few seconds

DOWNLOAD A SAMPLE REPORT

Fill in your details and get your copy of sample report in few seconds

DOWNLOAD A SAMPLE REPORT

Fill in your details and get your copy of sample report in few seconds

DOWNLOAD A SAMPLE REPORT

Fill in your details and get your copy of sample report in few seconds

DOWNLOAD A SAMPLE REPORT

Fill in your details and get your copy of sample report in few seconds

DOWNLOAD A SAMPLE REPORT

Fill in your details and get your copy of sample report in few seconds

Let’s make cyberspace secure together!

Requirements

What our clients are saying!

Trusted by