CVE-2021-24249

The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11.2 suffered from a Cross-Site Request Forgery issue, allowing an attacker to make a logged in administrator export files, which could then be downloaded by the attacker to get access to PII, such as email, home addresses etc

Date published : 2021-05-05

https://wpscan.com/vulnerability/fc4cf749-34ef-43b8-a529-5065d698ab81