search

mathetos / export-users-to-csv

A plugin that export ALL user data and meta data, and that works! You can even export the users by role and registration date range.
GNU General Public License v3.0
9 stars 10 forks source link

Injection vulnerability #14

Closed FrancoGabriel closed 6 years ago

FrancoGabriel commented 6 years ago

Hey guys, how are you ? We found a vulnerability in the plugin but we don't know where we should send you the details for fixing it!

Is there any email for doing this ?

mathetos commented 6 years ago

If you can submit the issue here, and even a PR that would be excellent.

If you want to email me, do so through my contact form: https://www.mattcromwell.com/hi-im-matt/contact-me/

FrancoGabriel commented 6 years ago

Hey Matt, I have sent to you by your contact form all data you need.

Please let me know if you have not receive it.

2018-04-02 17:08 GMT-03:00 Matt Cromwell notifications@github.com:

If you can submit the issue here, and even a PR that would be excellent.

If you want to email me, do so through my contact form: https://www.mattcromwell.com/hi-im-matt/contact-me/

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/mathetos/export-users-to-csv/issues/14#issuecomment-378029298, or mute the thread https://github.com/notifications/unsubscribe-auth/AEnvGGW6lWpKJQytksdkgo52Zq4lz6yQks5tkoVSgaJpZM4TCi3t .

ethicalhack3r commented 6 years ago

Hi!

Can you confirm if this issue is related to this specific vulnerability? https://wpvulndb.com/vulnerabilities/9119 (CVE-2018-15571)

If so, do you know in which version it was fixed, if at all? I couldn't find it mentioned in the changelog.

Thanks, Ryan