exploitDog

CVE-2021-24942

Опубликовано: 26 дек. 2022

Источник: nvd

CVSS3: 7.2

EPSS Низкий

Описание

The Menu Item Visibility Control WordPress plugin through 0.5 doesn't sanitize and validate the "Visibility logic" option for WordPress menu items, which could allow highly privileged users to execute arbitrary PHP code even in a hardened environment.

Ссылки

https://wpscan.com/vulnerability/eaa28832-74c1-4cd5-9b0f-02338e23b418
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/eaa28832-74c1-4cd5-9b0f-02338e23b418
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:menu_item_visibility_control_project:menu_item_visibility_control:*:*:*:*:*:wordpress:*:*

Версия до 0.5 (включая)

EPSS

Процентиль: 76%

0.00978

Низкий

7.2 High

CVSS3

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-vgw7-4fx3-67r7

CVSS3: 7.2

github

около 3 лет назад

The Menu Item Visibility Control WordPress plugin through 0.5 doesn't sanitize and validate the "Visibility logic" option for WordPress menu items, which could allow highly privileged users to execute arbitrary PHP code even in a hardened environment.

EPSS

Процентиль: 76%

0.00978

Низкий

7.2 High

CVSS3

Дефекты

NVD-CWE-Other