PT-2025-51053 · WordPress · Export Wp Page To Static Html & Pdf
Published
2025-12-13
·
Updated
2026-04-23
·
CVE-2025-11693
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Export WP Page to Static HTML & PDF plugin for WordPress versions up to and including 4.3.4
Description
The software is susceptible to sensitive information exposure due to publicly exposed
cookies.txt files containing authentication cookies. This allows unauthenticated attackers to potentially access cookies, including those injected into the log file when a site administrator triggers a backup using a specific user role, such as 'administrator'. This could lead to complete site compromise.Recommendations
Disable the plugin for versions prior to and including 4.3.4.
Restrict access to the
cookies.txt file.Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Export Wp Page To Static Html & Pdf