Atlasgondal Export All Urls — known CVE vulnerabilities
Every CVE whose affected-product data names Atlasgondal Export All Urls, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2022-2638 — CVSS 6.5 (medium): The Export All URLs WordPress plugin before 4.4 does not validate the path of the file to be removed on the system which is supposed to be…
CVE-2022-0914 — CVSS 6.5 (medium): The Export All URLs WordPress plugin before 4.3 does not have CSRF in place when exporting data, which could allow attackers to make a…
CVE-2023-3118 — CVSS 6.1 (medium): The Export All URLs WordPress plugin before 4.6 does not sanitise and escape a parameter before outputting them back in the page, leading…
CVE-2022-0892 — CVSS 6.1 (medium): The Export All URLs WordPress plugin before 4.2 does not sanitise and escape the CSV filename before outputting it back in the page…
CVE-2023-51510 — CVSS 4.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in Atlas Gondal Export Media URLs.This issue affects Export Media URLs: from n/a through…
CVE-2022-29452 — CVSS 3.4 (low): Authenticated (editor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Export All URLs plugin <= 4.1 at WordPress.