CVE-2022-47160 – WordPress Wp Social Plugin <= 1.9.0 is vulnerable to Sensitive Data Exposure

https://notcve.org/view.php?id=CVE-2022-47160

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wpmet Wp Social Login and Register Social Counter.This issue affects Wp Social Login and Register Social Counter: from n/a through 1.9.0. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en Wpmet Wp Social Login and Register Social Counter. Este problema afecta a Wp Social Login y Register Social Counter: desde n/a hasta 1.9.0. The Wp Social plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.9.0. This is due to missing capability checks on the 'export_users_content_csv' function. • https://patchstack.com/database/vulnerability/wp-social/wordpress-wp-social-plugin-1-9-0-auth-sensitive-information-disclosure-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-352: Cross-Site Request Forgery (CSRF) •