Magic Export and Import WordPress Plugin Unauthenticated Sensitive Data Disclosure Vulnerability

Vulnerability

A vulnerability exists in the Magic Export & Import WordPress plugin in versions prior to 1.2.0. The plugin stores exported CSV files in a publicly accessible directory, so any visitor can retrieve them and sensitive user information can leak. Because the exported data sits at a predictable URL pattern, personal information is exposed without authentication.

Impact

Exploitation of this vulnerability leads to unauthorized access to sensitive user information, which could be misused or disclosed without consent.

Reproduction

To reproduce this vulnerability, request the exported CSV file from the publicly accessible export directory of the Magic Export & Import WordPress plugin. The file can be accessed via a predictable URL that includes the domain and the export directory path. This URL pattern allows unauthenticated users to download the exported data, which may contain sensitive personal information.

Remediation

Users are advised to update the Magic Export & Import WordPress plugin to version 1.2.0 or later, where this vulnerability has been fixed.
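An audit for export files already sitting under the web root, as an added example (not code from the plugin or from this advisory). The advisory does not name the export directory, so the script walks the whole document root; the PII column names and the `example-exports` directory in the constructed sample are assumptions, and whether a flagged file is actually reachable depends on the server configuration.

```python
import csv
import os
import tempfile

# Assumed PII indicators: WordPress users-table columns plus common labels.
PII_COLUMNS = {"user_login", "user_email", "user_pass", "email", "display_name",
               "first_name", "last_name", "phone", "billing_address"}


def csv_pii_columns(path):
    """Return the sorted PII-looking column names found in a CSV header row."""
    try:
        # utf-8-sig drops a leading BOM that spreadsheet exports often carry.
        with open(path, newline="", encoding="utf-8-sig", errors="replace") as fh:
            header = next(csv.reader(fh), [])
    except (OSError, csv.Error):
        return []
    names = {col.strip().lower() for col in header}
    return sorted(names & PII_COLUMNS)


def find_exposed_exports(docroot):
    """Walk the web document root and report CSV files holding user data."""
    findings = []
    for dirpath, _dirs, files in os.walk(docroot):
        for name in files:
            if not name.lower().endswith(".csv"):
                continue
            full = os.path.join(dirpath, name)
            cols = csv_pii_columns(full)
            if cols:
                # Report the path relative to the document root for review.
                findings.append((os.path.relpath(full, docroot), cols))
    return sorted(findings)


def demo():
    """Build a constructed document root and scan it."""
    with tempfile.TemporaryDirectory() as root:
        exports = os.path.join(root, "wp-content", "example-exports")  # placeholder
        os.makedirs(exports)
        with open(os.path.join(exports, "users.csv"), "w", encoding="utf-8") as fh:
            fh.write("ID,user_login,user_email\n1,alice,alice@example.com\n")
        with open(os.path.join(exports, "prices.csv"), "w", encoding="utf-8") as fh:
            fh.write("sku,price\nA1,9.99\n")
        return find_exposed_exports(root)


if __name__ == "__main__":
    for rel, cols in demo():
        print(f"{rel}: {', '.join(cols)}")
```

On a real site, call `find_exposed_exports()` with the server's document root and move or delete any flagged files that should not be served.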

Added: May 4, 2026, 7:26 AM
Updated: May 4, 2026, 7:26 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 8.7
remediation: 0.0
relevance: 7.5
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.