Chamber Dashboard Business Directory Missing Authorization Vulnerability Allowing Unauthenticated Data Export

Vulnerability

A vulnerability exists in the Chamber Dashboard Business Directory plugin for WordPress, in all versions through 3.3.11. The issue arises from a lack of proper capability checks in the cdash_watch_for_export() function, allowing unauthenticated attackers to export sensitive business directory information.

Impact

Exploitation of this vulnerability allows for unauthorized data export, including sensitive business details, from the WordPress business directory.

Added: Nov 25, 2025, 8:27 AM

Updated: Nov 25, 2025, 8:27 AM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

2.5

exploitability

9.0

remediation

0.0

relevance

1.1

threat

3.2

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

2.5

exploitability

9.0

remediation

0.0

relevance

1.1

threat

3.2

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Chamber Dashboard Business Directory Missing Authorization Vulnerability Allowing Unauthenticated Data Export

Vulnerability

Impact

Affected Products

Chamber Dashboard Business Directory

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating