Description
WordPress Plugin WP Attachment Export is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently verify user-supplied input. This may allow an attacker to gain access to sensitive information, which may aid in launching further attacks. WordPress Plugin WP Attachment Export version 0.2.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 0.2.4 or latest
References
Related Vulnerabilities
WordPress Plugin WordPress Download Manager Cross-Site Scripting (2.7.94)
Oracle Database Server CVE-2011-2257 Vulnerability (CVE-2011-2257)
WordPress Plugin WordPress WP-Advanced-Search SQL Injection (3.3.5)
Oracle Database Server CVE-2008-1821 Vulnerability (CVE-2008-1821)
WordPress Plugin Gwolle Guestbook Multiple Vulnerabilities (2.1.0)