Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2015-20067 PoC — WP Attachment Export < 0.2.4 - Unauthenticated Posts Download

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2015/CVE-2015-20067.yaml
Associated Vulnerability
Title:WP Attachment Export < 0.2.4 - Unauthenticated Posts Download (CVE-2015-20067)
Description:The WP Attachment Export WordPress plugin before 0.2.4 does not have proper access controls, allowing unauthenticated users to download the XML data that holds all the details of attachments/posts on a Wordpress
Description
The plugin does not have proper access controls, allowing unauthenticated users to download the XML data that holds all the details of attachments/posts on a Wordpress
powered site. This includes details of even privately published posts and password protected posts with their passwords revealed in plain text.
File Snapshot

 id: CVE-2015-20067

info:
  name: WP Attachment Export < 0.2.4 - Unrestricted File Download
  author

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →