CVE-2026-1582

LOW

3.7

Descripcion

The WP All Export plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.14 via the export download endpoint. This is due to a PHP type juggling vulnerability in the security token comparison which uses loose comparison (==) instead of strict comparison (===). This makes it possible for unauthenticated attackers to bypass authentication using "magic hash" values when the expected MD5 hash prefix happens to be numeric-looking (matching pattern ^0e\d+$), allowing download of sensitive export files containing PII, business data, or database information.

Detalles CVE

Puntuacion CVSS v3.13.7

SeveridadLOW

Vector CVSSCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Vector de ataqueNETWORK

ComplejidadHIGH

Privilegios requeridosNONE

Interaccion usuarioNONE

Publicado2/18/2026

Ultima modificacion2/18/2026

Fuentenvd

Avistamientos honeypot0

Debilidades (CWE)

CWE-200

Referencias

https://plugins.trac.wordpress.org/browser/wp-all-export/tags/1.4.14/actions/wp_loaded.php#L19(security@wordfence.com)

https://plugins.trac.wordpress.org/changeset/3455775/(security@wordfence.com)

https://www.wordfence.com/threat-intel/vulnerabilities/id/9a92c682-b8b3-4d23-bd84-97d7440ee525?source=cve(security@wordfence.com)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.