WordPress · Wordpress · CVE-2026-1582
**Name of the Vulnerable Software and Affected Versions**
WP All Export plugin for WordPress versions prior to 1.4.15
**Description**
The WP All Export plugin for WordPress exposes sensitive information through its export download endpoint in versions up to and including 1.4.14. The cause is a PHP type juggling issue: the security token comparison uses loose comparison (`==`) instead of strict comparison (`===`). This allows unauthenticated attackers to bypass authentication using specific "magic hash" values when the expected MD5 hash prefix appears numeric. Successful exploitation enables the download of sensitive export files, potentially containing personally identifiable information (PII), business data, or database information. The vulnerable endpoint is '/export download'.
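
The comparison behaviour described above, shown as an added example that is not the plugin's code: it contrasts `==` with `hash_equals()` (used here as the strict form; `===` also avoids the numeric conversion) and flags expected tokens whose shape makes the loose check unsafe. The function names, the 10-character token length and all token values are constructed for illustration.

```php
<?php
// Added illustration: names and token values are constructed, not taken from the plugin.

// Loose comparison: when BOTH operands are numeric strings, PHP compares them as numbers.
function token_matches_loose(string $expected, string $supplied): bool
{
    return $expected == $supplied;
}

// Hardened form: byte-for-byte, constant-time comparison with no numeric conversion.
function token_matches_strict(string $expected, string $supplied): bool
{
    return hash_equals($expected, $supplied);
}

// True when a token has the "0e<digits>" shape, which PHP reads as 0 in
// scientific notation. Useful for auditing stored or generated tokens.
function looks_numeric_zero(string $token): bool
{
    return preg_match('/^0+e[0-9]+\z/', $token) === 1;
}

$cases = [
    // [expected token, supplied token] -- constructed sample values
    ['0e46209743', '0e99999999'],  // both numeric-looking, different strings
    ['a1b2c3d4e5', '0e99999999'],  // expected token is not numeric-looking
    ['a1b2c3d4e5', 'a1b2c3d4e6'],  // ordinary hex, one character differs
    ['a1b2c3d4e5', 'a1b2c3d4e5'],  // identical tokens
];

foreach ($cases as [$expected, $supplied]) {
    printf(
        "%-12s vs %-12s loose=%-5s strict=%-5s expected_at_risk=%s\n",
        $expected,
        $supplied,
        var_export(token_matches_loose($expected, $supplied), true),
        var_export(token_matches_strict($expected, $supplied), true),
        var_export(looks_numeric_zero($expected), true)
    );
}
```

Only the first pair differs between the two checks: the loose comparison accepts it because both strings evaluate to zero, while `hash_equals()` rejects it.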
**Recommendations**
Update WP All Export plugin to version 1.4.15 or later.