CVE-2021-24160

Published: Apr 5, 2021Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, subscribers could upload zip archives containing malicious PHP files that would get extracted to the /rmp-menu/ directory. These files could then be accessed via the front end of the site to trigger remote code execution and ultimately allow an attacker to execute commands to further infect a WordPress site.

Affected (2)

Products: Expresstech: Responsive Menu

1 product

Responsive Menu

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Expresstech Responsive Menu	Before 4.0.4
Expresstech Responsive Menu	Before 4.0.4

Related CWEs

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (4)

https://wpscan.com/vulnerability/066ba5d4-4aaa-4462-b106-500c1f291c37

Source: contact@wpscan.com

ExploitThird Party Advisory

https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/

Source: contact@wpscan.com

ExploitThird Party Advisory

https://wpscan.com/vulnerability/066ba5d4-4aaa-4462-b106-500c1f291c37

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.