WordPress Guest Posting Plugin Unauthenticated Sensitive Information Exposure Vulnerability

Vulnerability

A vulnerability in the Guest Posting/Frontend Posting/Front Editor WordPress plugin, affecting versions prior to 5.0.6, allows unauthenticated attackers to access sensitive information. The issue arises because the plugin can regenerate a JSON file based on demo data. If an administrator customizes the demo form and activates admin notifications, an attacker can export and download all form data, including the administrator's email address.

Impact

Exploitation of this vulnerability leads to unauthorized access to sensitive information, specifically form data and administrator email addresses.

Reproduction

To reproduce this vulnerability, an administrator must first edit the 'First demo form' and enable admin notifications, then save the changes. Afterward, an unauthenticated user can access a specific URL that triggers the regeneration of the JSON file containing the form data. Finally, the user can download the JSON file from the plugin's templates directory, which will include the exported form data and the administrator's email address.

Remediation

Users are advised to update the WordPress Guest Posting/Frontend Posting/Front Editor plugin to version 5.0.6 or later.
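
A log check a site owner could run after updating, to see whether a JSON file was already served from the plugin's templates directory. This is an added example, not code from the advisory or the plugin; it assumes the default /wp-content/plugins/ layout and combined-format access logs, and the slug example-plugin-slug, the file names and the log lines are constructed placeholders.

```python
import posixpath
import re
from urllib.parse import unquote

# Constructed access-log lines (combined log format). The slug and file names
# are placeholders, not the plugin's real paths.
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Mar/2026:06:30:01 +0000] "GET /wp-content/plugins/example-plugin-slug/templates/demo.json HTTP/1.1" 200 1843 "-" "-"',
    '203.0.113.7 - - [12/Mar/2026:06:30:09 +0000] "GET /wp-content/plugins/example-plugin-slug//templates/%64emo.json?x=1 HTTP/1.1" 200 1843 "-" "-"',
    '198.51.100.4 - - [12/Mar/2026:07:02:44 +0000] "GET /wp-content/plugins/example-plugin-slug/templates/demo.json HTTP/1.1" 404 153 "-" "-"',
    '198.51.100.9 - - [12/Mar/2026:07:05:10 +0000] "GET /wp-content/plugins/example-plugin-slug/templates/../assets/data.json HTTP/1.1" 200 77 "-" "-"',
    '198.51.100.9 - - [12/Mar/2026:07:05:12 +0000] "GET /wp-content/plugins/other-plugin/templates/a.json HTTP/1.1" 200 10 "-" "-"',
]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
SERVED = {"200", "206"}  # responses that actually delivered file content


def normalise(target):
    """Drop the query string, decode %-escapes, collapse // and ./.. segments."""
    path = unquote(target.split("?", 1)[0])
    return posixpath.normpath(re.sub(r"/{2,}", "/", path)).lower()


def find_template_json_downloads(lines, plugin_slug):
    """Return (ip, time, path) for served GETs of .json files in templates/."""
    base = f"/wp-content/plugins/{plugin_slug.lower()}/templates/"
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "GET" or m["status"] not in SERVED:
            continue
        path = normalise(m["target"])
        if path.startswith(base) and path.endswith(".json"):
            hits.append((m["ip"], m["time"], path))
    return hits


if __name__ == "__main__":
    for ip, when, path in find_template_json_downloads(SAMPLE_LOG, "example-plugin-slug"):
        print(f"{when}  {ip}  {path}")
```

A hit dated before the update to 5.0.6 means the exported form data, including the administrator's email address, should be treated as disclosed.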

Added: Mar 11, 2026, 6:26 AM
Updated: Mar 11, 2026, 6:26 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 7.1
remediation: 0.0
relevance: 3.8
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.