CVE-2024-12315
Published: 12 February 2025
Summary
CVE-2024-12315 is a high-severity Insecure Storage of Sensitive Information (CWE-922) vulnerability in Smackcoders Export All Posts, Products, Orders, Refunds & Users. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 37.0% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-22 (Publicly Accessible Content) and AC-3 (Access Enforcement).
Deeper analysis
CVE-2024-12315 is a sensitive information exposure vulnerability (CWE-922) in the Export All Posts, Products, Orders, Refunds & Users plugin for WordPress, affecting all versions up to and including 2.9.3. The plugin stores exported data insecurely in the /wp-content/uploads/smack_uci_uploads/exports/ directory, and that exports directory is accessible, which exposes sensitive information such as exported user data.
Unauthenticated attackers can exploit this vulnerability remotely over the network with low attack complexity, requiring no privileges or user interaction. Successful exploitation enables extraction of sensitive data from the exports directory, resulting in high confidentiality impact but no integrity or availability effects, as reflected in the CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
Advisories, including Wordfence threat intelligence, detail the issue and reference specific locations in the plugin's codebase, such as ExportExtension.php at line 1678 and changeset 3230400 in the wp-ultimate-exporter repository on the WordPress plugins trac. No patches are mentioned for affected versions.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-50765
Vulnerability details
The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.3 via the exports directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads/smack_uci_uploads/exports/ directory which can contain information like exported user data.
Related Threats
MITRE ATT&CK Enterprise Techniques AI
Why these techniques?
Direct remote unauthenticated access to sensitive exported files (incl. user data) via public WP plugin directory enables T1190 for initial access and T1552.001 for unsecured credential/sensitive data retrieval.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
SC-14 directly protects sensitive information on public web servers like WordPress by restricting unauthorized access to directories such as /wp-content/uploads/smack_uci_uploads/exports/.
AC-22 prohibits placement of sensitive exported user data in publicly accessible content directories without authorization.
AC-3 enforces access controls to prevent unauthenticated attackers from reading sensitive files in the unsecured exports directory.
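A local check for the condition the controls above address, added here as an example and not taken from the plugin or the advisory: it lists export files left under the directory named in the CVE and reports whether a deny-all `.htaccess` covers them. It assumes an Apache server that honours `.htaccess`; the function names and the sample tree are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Directory named in the advisory; everything else in this file is an assumption.
EXPORTS_REL = Path("wp-content/uploads/smack_uci_uploads/exports")
# Apache 2.4 and 2.2 spellings of "deny everyone". Heuristic only: nginx and IIS
# ignore .htaccess, and Apache ignores it too when AllowOverride is off.
DENY_RE = re.compile(r"^\s*(Require\s+all\s+denied|Deny\s+from\s+all)\b",
                     re.IGNORECASE | re.MULTILINE)


def has_deny_rule(directory: Path, stop_at: Path) -> bool:
    """True if directory or an ancestor up to stop_at has a deny-all .htaccess."""
    current = directory
    while True:
        htaccess = current / ".htaccess"
        if htaccess.is_file() and DENY_RE.search(htaccess.read_text(errors="replace")):
            return True
        if current == stop_at or current == current.parent:
            return False
        current = current.parent


def audit_exports(wp_root) -> dict:
    """Report export files on disk and whether a deny rule covers them."""
    wp_root = Path(wp_root)
    exports = wp_root / EXPORTS_REL
    files = sorted(p.relative_to(exports).as_posix() for p in exports.rglob("*")
                   if p.is_file() and p.name != ".htaccess") if exports.is_dir() else []
    protected = exports.is_dir() and has_deny_rule(exports, wp_root)
    return {"files": files, "protected": protected,
            "exposed": bool(files) and not protected}


def demo() -> tuple:
    """Audit a constructed WordPress tree before and after adding a deny rule."""
    with tempfile.TemporaryDirectory() as tmp:
        exports = Path(tmp) / EXPORTS_REL
        exports.mkdir(parents=True)
        (exports / "users_export.csv").write_text("id,email\n1,a@example.test\n")
        before = audit_exports(tmp)
        (exports / ".htaccess").write_text("Require all denied\n")
        return before, audit_exports(tmp)


if __name__ == "__main__":
    for label, result in zip(("before", "after"), demo()):
        print(label, result)
```

Run `audit_exports()` against the real WordPress root on the server; an `exposed` result means export files should be removed or moved outside the web root, or access to the directory denied at the web server.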