3 matches found
CVE-2021-24161
In the Reponsive Menu free and Pro WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into uploading a zip archive containing malicious PHP files. The attacker could then access those files to achieve remote code execution and further infect the targeted si...
CVE-2021-24161 Responsive Menu < 4.0.4 - CSRF to Arbitrary File Upload
In the Reponsive Menu free and Pro WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into uploading a zip archive containing malicious PHP files. The attacker could then access those files to achieve remote code execution and further infect the targeted si...
CVE-2021-24161
The CVE concerns the WordPress plugin Reponsive Menu (free and Pro) prior to 4.0.4. A CSRF-style flaw lets an attacker craft a request that tricks an administrator into uploading a ZIP archive containing malicious PHP files; the attacker can access these files and achieve remote code execution, e...