Vulnerability Description
In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, subscribers could upload zip archives containing malicious PHP files that would get extracted to the /rmp-menu/ directory. These files could then be accessed via the front end of the site to trigger remote code execution and ultimately allow an attacker to execute commands to further infect a WordPress site.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Expresstech | Responsive Menu | < 4.0.4 |
Related Weaknesses (CWE)
References
- https://wpscan.com/vulnerability/066ba5d4-4aaa-4462-b106-500c1f291c37ExploitThird Party Advisory
- https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-respoExploitThird Party Advisory
- https://wpscan.com/vulnerability/066ba5d4-4aaa-4462-b106-500c1f291c37ExploitThird Party Advisory
- https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-respoExploitThird Party Advisory
FAQ
What is CVE-2021-24160?
CVE-2021-24160 is a vulnerability with a CVSS score of 8.8 (HIGH). In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, subscribers could upload zip archives containing malicious PHP files that would get extracted to the /rmp-menu/ directory. These fi...
How severe is CVE-2021-24160?
CVE-2021-24160 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-24160?
Check the references section above for vendor advisories and patch information. Affected products include: Expresstech Responsive Menu.