Search criteria
10 vulnerabilities found for responsive_menu by expresstech
CVE-2022-25602 (GCVE-0-2022-25602)
Vulnerability from nvd – Published: 2022-03-18 18:00 – Updated: 2026-04-28 16:07
VLAI
Title
WordPress Responsive Menu plugin <= 4.1.7 - Nonce token leak leading to arbitrary file upload, theme deletion, plugin settings change vulnerability
Summary
Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin (versions <= 4.1.7).
Severity
8.3 (High)
CWE
- CWE-200 - Information Exposure
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wordpress.org/plugins/responsive-menu/#de… | x_refsource_CONFIRM |
| https://patchstack.com/database/vulnerability/res… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ExpressTech | Responsive Menu (WordPress plugin) |
Affected:
<= 4.1.7 , ≤ 4.1.7
(custom)
|
Date Public
2022-03-16 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:42:50.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wordpress.org/plugins/responsive-menu/#developers"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/responsive-menu/wordpress-responsive-menu-plugin-4-1-7-nonce-token-leak-leading-to-arbitrary-file-upload-theme-deletion-plugin-settings-change-vulnerability"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-25602",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-20T19:18:14.132063Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-20T20:30:18.857Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Responsive Menu (WordPress plugin)",
"vendor": "ExpressTech",
"versions": [
{
"lessThanOrEqual": "4.1.7",
"status": "affected",
"version": "\u003c= 4.1.7",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Vulnerability discovered by Dave Jong (Patchstack)."
}
],
"datePublic": "2022-03-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin (versions \u003c= 4.1.7)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Information Exposure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:07:38.883Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wordpress.org/plugins/responsive-menu/#developers"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://patchstack.com/database/vulnerability/responsive-menu/wordpress-responsive-menu-plugin-4-1-7-nonce-token-leak-leading-to-arbitrary-file-upload-theme-deletion-plugin-settings-change-vulnerability"
}
],
"solutions": [
{
"lang": "en",
"value": "Update to 4.1.8 or higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Responsive Menu plugin \u003c= 4.1.7 - Nonce token leak leading to arbitrary file upload, theme deletion, plugin settings change vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "audit@patchstack.com",
"DATE_PUBLIC": "2022-03-16T11:48:00.000Z",
"ID": "CVE-2022-25602",
"STATE": "PUBLIC",
"TITLE": "WordPress Responsive Menu plugin \u003c= 4.1.7 - Nonce token leak leading to arbitrary file upload, theme deletion, plugin settings change vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Responsive Menu (WordPress plugin)",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "\u003c= 4.1.7",
"version_value": "4.1.7"
}
]
}
}
]
},
"vendor_name": "ExpressTech"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Vulnerability discovered by Dave Jong (Patchstack)."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin (versions \u003c= 4.1.7)."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/responsive-menu/#developers",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/responsive-menu/#developers"
},
{
"name": "https://patchstack.com/database/vulnerability/responsive-menu/wordpress-responsive-menu-plugin-4-1-7-nonce-token-leak-leading-to-arbitrary-file-upload-theme-deletion-plugin-settings-change-vulnerability",
"refsource": "CONFIRM",
"url": "https://patchstack.com/database/vulnerability/responsive-menu/wordpress-responsive-menu-plugin-4-1-7-nonce-token-leak-leading-to-arbitrary-file-upload-theme-deletion-plugin-settings-change-vulnerability"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update to 4.1.8 or higher version."
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2022-25602",
"datePublished": "2022-03-18T18:00:26.675Z",
"dateReserved": "2022-02-21T00:00:00.000Z",
"dateUpdated": "2026-04-28T16:07:38.883Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-24162 (GCVE-0-2021-24162)
Vulnerability from nvd – Published: 2021-04-05 18:27 – Updated: 2024-08-03 19:21
VLAI
Title
Responsive Menu < 4.0.4 - CSRF to Settings Update
Summary
In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into importing all new settings. These settings could be modified to include malicious JavaScript, therefore allowing an attacker to inject payloads that could aid in further infection of the site.
Severity
No CVSS data available.
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.wordfence.com/blog/2021/02/multiple-v… | x_refsource_MISC |
| https://wpscan.com/vulnerability/923fc3a3-4bcc-4b… | x_refsource_CONFIRM |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ExpressTech | Responsive Menu – Create Mobile-Friendly Menu |
Affected:
4.0.4 , < 4.0.4
(custom)
|
|
| ExpressTech | Responsive Menu Pro |
Affected:
4.0.4 , < 4.0.4
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:21:18.635Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/923fc3a3-4bcc-4b48-870a-6150e14509b5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Responsive Menu \u2013 Create Mobile-Friendly Menu",
"vendor": "ExpressTech",
"versions": [
{
"lessThan": "4.0.4",
"status": "affected",
"version": "4.0.4",
"versionType": "custom"
}
]
},
{
"product": "Responsive Menu Pro",
"vendor": "ExpressTech",
"versions": [
{
"lessThan": "4.0.4",
"status": "affected",
"version": "4.0.4",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Chloe Chamberland"
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into importing all new settings. These settings could be modified to include malicious JavaScript, therefore allowing an attacker to inject payloads that could aid in further infection of the site."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-05T18:27:43.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wpscan.com/vulnerability/923fc3a3-4bcc-4b48-870a-6150e14509b5"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Responsive Menu \u003c 4.0.4 - CSRF to Settings Update",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24162",
"STATE": "PUBLIC",
"TITLE": "Responsive Menu \u003c 4.0.4 - CSRF to Settings Update"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Responsive Menu \u2013 Create Mobile-Friendly Menu",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.0.4",
"version_value": "4.0.4"
}
]
}
},
{
"product_name": "Responsive Menu Pro",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.0.4",
"version_value": "4.0.4"
}
]
}
}
]
},
"vendor_name": "ExpressTech"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into importing all new settings. These settings could be modified to include malicious JavaScript, therefore allowing an attacker to inject payloads that could aid in further infection of the site."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/",
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/"
},
{
"name": "https://wpscan.com/vulnerability/923fc3a3-4bcc-4b48-870a-6150e14509b5",
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/923fc3a3-4bcc-4b48-870a-6150e14509b5"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24162",
"datePublished": "2021-04-05T18:27:43.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:21:18.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-24161 (GCVE-0-2021-24161)
Vulnerability from nvd – Published: 2021-04-05 18:27 – Updated: 2024-08-03 19:21
VLAI
Title
Responsive Menu < 4.0.4 - CSRF to Arbitrary File Upload
Summary
In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into uploading a zip archive containing malicious PHP files. The attacker could then access those files to achieve remote code execution and further infect the targeted site.
Severity
No CVSS data available.
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.wordfence.com/blog/2021/02/multiple-v… | x_refsource_MISC |
| https://wpscan.com/vulnerability/efca27e0-bdb6-44… | x_refsource_CONFIRM |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ExpressTech | Responsive Menu – Create Mobile-Friendly Menu |
Affected:
4.0.4 , < 4.0.4
(custom)
|
|
| ExpressTech | Responsive Menu Pro |
Affected:
4.0.4 , < 4.0.4
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:21:18.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/efca27e0-bdb6-4497-8330-081f909d6933"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Responsive Menu \u2013 Create Mobile-Friendly Menu",
"vendor": "ExpressTech",
"versions": [
{
"lessThan": "4.0.4",
"status": "affected",
"version": "4.0.4",
"versionType": "custom"
}
]
},
{
"product": "Responsive Menu Pro",
"vendor": "ExpressTech",
"versions": [
{
"lessThan": "4.0.4",
"status": "affected",
"version": "4.0.4",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Chloe Chamberland"
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into uploading a zip archive containing malicious PHP files. The attacker could then access those files to achieve remote code execution and further infect the targeted site."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-05T18:27:43.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wpscan.com/vulnerability/efca27e0-bdb6-4497-8330-081f909d6933"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Responsive Menu \u003c 4.0.4 - CSRF to Arbitrary File Upload",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24161",
"STATE": "PUBLIC",
"TITLE": "Responsive Menu \u003c 4.0.4 - CSRF to Arbitrary File Upload"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Responsive Menu \u2013 Create Mobile-Friendly Menu",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.0.4",
"version_value": "4.0.4"
}
]
}
},
{
"product_name": "Responsive Menu Pro",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.0.4",
"version_value": "4.0.4"
}
]
}
}
]
},
"vendor_name": "ExpressTech"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into uploading a zip archive containing malicious PHP files. The attacker could then access those files to achieve remote code execution and further infect the targeted site."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/",
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/"
},
{
"name": "https://wpscan.com/vulnerability/efca27e0-bdb6-4497-8330-081f909d6933",
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/efca27e0-bdb6-4497-8330-081f909d6933"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24161",
"datePublished": "2021-04-05T18:27:43.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:21:18.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-24160 (GCVE-0-2021-24160)
Vulnerability from nvd – Published: 2021-04-05 18:27 – Updated: 2024-08-03 19:21
VLAI
Title
Responsive Menu 4.0.0 - 4.0.3 - Authenticated Arbitrary File Upload
Summary
In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, subscribers could upload zip archives containing malicious PHP files that would get extracted to the /rmp-menu/ directory. These files could then be accessed via the front end of the site to trigger remote code execution and ultimately allow an attacker to execute commands to further infect a WordPress site.
Severity
No CVSS data available.
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/066ba5d4-4aaa-44… | x_refsource_CONFIRM |
| https://www.wordfence.com/blog/2021/02/multiple-v… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ExpressTech | Responsive Menu – Create Mobile-Friendly Menu |
Affected:
4.0.4 , < 4.0.4
(custom)
|
|
| ExpressTech | Responsive Menu Pro |
Affected:
4.0.4 , < 4.0.4
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:21:18.582Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/066ba5d4-4aaa-4462-b106-500c1f291c37"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Responsive Menu \u2013 Create Mobile-Friendly Menu",
"vendor": "ExpressTech",
"versions": [
{
"lessThan": "4.0.4",
"status": "affected",
"version": "4.0.4",
"versionType": "custom"
}
]
},
{
"product": "Responsive Menu Pro",
"vendor": "ExpressTech",
"versions": [
{
"lessThan": "4.0.4",
"status": "affected",
"version": "4.0.4",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Chloe Chamberland"
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, subscribers could upload zip archives containing malicious PHP files that would get extracted to the /rmp-menu/ directory. These files could then be accessed via the front end of the site to trigger remote code execution and ultimately allow an attacker to execute commands to further infect a WordPress site."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-05T18:27:43.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wpscan.com/vulnerability/066ba5d4-4aaa-4462-b106-500c1f291c37"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Responsive Menu 4.0.0 - 4.0.3 - Authenticated Arbitrary File Upload",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24160",
"STATE": "PUBLIC",
"TITLE": "Responsive Menu 4.0.0 - 4.0.3 - Authenticated Arbitrary File Upload"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Responsive Menu \u2013 Create Mobile-Friendly Menu",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.0.4",
"version_value": "4.0.4"
}
]
}
},
{
"product_name": "Responsive Menu Pro",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.0.4",
"version_value": "4.0.4"
}
]
}
}
]
},
"vendor_name": "ExpressTech"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, subscribers could upload zip archives containing malicious PHP files that would get extracted to the /rmp-menu/ directory. These files could then be accessed via the front end of the site to trigger remote code execution and ultimately allow an attacker to execute commands to further infect a WordPress site."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/066ba5d4-4aaa-4462-b106-500c1f291c37",
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/066ba5d4-4aaa-4462-b106-500c1f291c37"
},
{
"name": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/",
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24160",
"datePublished": "2021-04-05T18:27:43.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:21:18.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-18513 (GCVE-0-2017-18513)
Vulnerability from nvd – Published: 2019-08-14 15:31 – Updated: 2024-08-05 21:28
VLAI
Summary
The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wordpress.org/plugins/responsive-menu/#de… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:28:54.937Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/responsive-menu/#developers"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-14T15:31:25.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/responsive-menu/#developers"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18513",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/responsive-menu/#developers",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/responsive-menu/#developers"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18513",
"datePublished": "2019-08-14T15:31:25.000Z",
"dateReserved": "2019-08-13T00:00:00.000Z",
"dateUpdated": "2024-08-05T21:28:54.937Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25602 (GCVE-0-2022-25602)
Vulnerability from cvelistv5 – Published: 2022-03-18 18:00 – Updated: 2026-04-28 16:07
VLAI
Title
WordPress Responsive Menu plugin <= 4.1.7 - Nonce token leak leading to arbitrary file upload, theme deletion, plugin settings change vulnerability
Summary
Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin (versions <= 4.1.7).
Severity
8.3 (High)
CWE
- CWE-200 - Information Exposure
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wordpress.org/plugins/responsive-menu/#de… | x_refsource_CONFIRM |
| https://patchstack.com/database/vulnerability/res… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ExpressTech | Responsive Menu (WordPress plugin) |
Affected:
<= 4.1.7 , ≤ 4.1.7
(custom)
|
Date Public
2022-03-16 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:42:50.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wordpress.org/plugins/responsive-menu/#developers"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/responsive-menu/wordpress-responsive-menu-plugin-4-1-7-nonce-token-leak-leading-to-arbitrary-file-upload-theme-deletion-plugin-settings-change-vulnerability"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-25602",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-20T19:18:14.132063Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-20T20:30:18.857Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Responsive Menu (WordPress plugin)",
"vendor": "ExpressTech",
"versions": [
{
"lessThanOrEqual": "4.1.7",
"status": "affected",
"version": "\u003c= 4.1.7",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Vulnerability discovered by Dave Jong (Patchstack)."
}
],
"datePublic": "2022-03-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin (versions \u003c= 4.1.7)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Information Exposure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:07:38.883Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wordpress.org/plugins/responsive-menu/#developers"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://patchstack.com/database/vulnerability/responsive-menu/wordpress-responsive-menu-plugin-4-1-7-nonce-token-leak-leading-to-arbitrary-file-upload-theme-deletion-plugin-settings-change-vulnerability"
}
],
"solutions": [
{
"lang": "en",
"value": "Update to 4.1.8 or higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Responsive Menu plugin \u003c= 4.1.7 - Nonce token leak leading to arbitrary file upload, theme deletion, plugin settings change vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "audit@patchstack.com",
"DATE_PUBLIC": "2022-03-16T11:48:00.000Z",
"ID": "CVE-2022-25602",
"STATE": "PUBLIC",
"TITLE": "WordPress Responsive Menu plugin \u003c= 4.1.7 - Nonce token leak leading to arbitrary file upload, theme deletion, plugin settings change vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Responsive Menu (WordPress plugin)",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "\u003c= 4.1.7",
"version_value": "4.1.7"
}
]
}
}
]
},
"vendor_name": "ExpressTech"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Vulnerability discovered by Dave Jong (Patchstack)."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin (versions \u003c= 4.1.7)."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/responsive-menu/#developers",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/responsive-menu/#developers"
},
{
"name": "https://patchstack.com/database/vulnerability/responsive-menu/wordpress-responsive-menu-plugin-4-1-7-nonce-token-leak-leading-to-arbitrary-file-upload-theme-deletion-plugin-settings-change-vulnerability",
"refsource": "CONFIRM",
"url": "https://patchstack.com/database/vulnerability/responsive-menu/wordpress-responsive-menu-plugin-4-1-7-nonce-token-leak-leading-to-arbitrary-file-upload-theme-deletion-plugin-settings-change-vulnerability"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update to 4.1.8 or higher version."
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2022-25602",
"datePublished": "2022-03-18T18:00:26.675Z",
"dateReserved": "2022-02-21T00:00:00.000Z",
"dateUpdated": "2026-04-28T16:07:38.883Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-24161 (GCVE-0-2021-24161)
Vulnerability from cvelistv5 – Published: 2021-04-05 18:27 – Updated: 2024-08-03 19:21
VLAI
Title
Responsive Menu < 4.0.4 - CSRF to Arbitrary File Upload
Summary
In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into uploading a zip archive containing malicious PHP files. The attacker could then access those files to achieve remote code execution and further infect the targeted site.
Severity
No CVSS data available.
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.wordfence.com/blog/2021/02/multiple-v… | x_refsource_MISC |
| https://wpscan.com/vulnerability/efca27e0-bdb6-44… | x_refsource_CONFIRM |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ExpressTech | Responsive Menu – Create Mobile-Friendly Menu |
Affected:
4.0.4 , < 4.0.4
(custom)
|
|
| ExpressTech | Responsive Menu Pro |
Affected:
4.0.4 , < 4.0.4
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:21:18.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/efca27e0-bdb6-4497-8330-081f909d6933"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Responsive Menu \u2013 Create Mobile-Friendly Menu",
"vendor": "ExpressTech",
"versions": [
{
"lessThan": "4.0.4",
"status": "affected",
"version": "4.0.4",
"versionType": "custom"
}
]
},
{
"product": "Responsive Menu Pro",
"vendor": "ExpressTech",
"versions": [
{
"lessThan": "4.0.4",
"status": "affected",
"version": "4.0.4",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Chloe Chamberland"
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into uploading a zip archive containing malicious PHP files. The attacker could then access those files to achieve remote code execution and further infect the targeted site."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-05T18:27:43.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wpscan.com/vulnerability/efca27e0-bdb6-4497-8330-081f909d6933"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Responsive Menu \u003c 4.0.4 - CSRF to Arbitrary File Upload",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24161",
"STATE": "PUBLIC",
"TITLE": "Responsive Menu \u003c 4.0.4 - CSRF to Arbitrary File Upload"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Responsive Menu \u2013 Create Mobile-Friendly Menu",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.0.4",
"version_value": "4.0.4"
}
]
}
},
{
"product_name": "Responsive Menu Pro",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.0.4",
"version_value": "4.0.4"
}
]
}
}
]
},
"vendor_name": "ExpressTech"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into uploading a zip archive containing malicious PHP files. The attacker could then access those files to achieve remote code execution and further infect the targeted site."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/",
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/"
},
{
"name": "https://wpscan.com/vulnerability/efca27e0-bdb6-4497-8330-081f909d6933",
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/efca27e0-bdb6-4497-8330-081f909d6933"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24161",
"datePublished": "2021-04-05T18:27:43.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:21:18.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-24160 (GCVE-0-2021-24160)
Vulnerability from cvelistv5 – Published: 2021-04-05 18:27 – Updated: 2024-08-03 19:21
VLAI
Title
Responsive Menu 4.0.0 - 4.0.3 - Authenticated Arbitrary File Upload
Summary
In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, subscribers could upload zip archives containing malicious PHP files that would get extracted to the /rmp-menu/ directory. These files could then be accessed via the front end of the site to trigger remote code execution and ultimately allow an attacker to execute commands to further infect a WordPress site.
Severity
No CVSS data available.
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/066ba5d4-4aaa-44… | x_refsource_CONFIRM |
| https://www.wordfence.com/blog/2021/02/multiple-v… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ExpressTech | Responsive Menu – Create Mobile-Friendly Menu |
Affected:
4.0.4 , < 4.0.4
(custom)
|
|
| ExpressTech | Responsive Menu Pro |
Affected:
4.0.4 , < 4.0.4
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:21:18.582Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/066ba5d4-4aaa-4462-b106-500c1f291c37"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Responsive Menu \u2013 Create Mobile-Friendly Menu",
"vendor": "ExpressTech",
"versions": [
{
"lessThan": "4.0.4",
"status": "affected",
"version": "4.0.4",
"versionType": "custom"
}
]
},
{
"product": "Responsive Menu Pro",
"vendor": "ExpressTech",
"versions": [
{
"lessThan": "4.0.4",
"status": "affected",
"version": "4.0.4",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Chloe Chamberland"
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, subscribers could upload zip archives containing malicious PHP files that would get extracted to the /rmp-menu/ directory. These files could then be accessed via the front end of the site to trigger remote code execution and ultimately allow an attacker to execute commands to further infect a WordPress site."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-05T18:27:43.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wpscan.com/vulnerability/066ba5d4-4aaa-4462-b106-500c1f291c37"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Responsive Menu 4.0.0 - 4.0.3 - Authenticated Arbitrary File Upload",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24160",
"STATE": "PUBLIC",
"TITLE": "Responsive Menu 4.0.0 - 4.0.3 - Authenticated Arbitrary File Upload"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Responsive Menu \u2013 Create Mobile-Friendly Menu",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.0.4",
"version_value": "4.0.4"
}
]
}
},
{
"product_name": "Responsive Menu Pro",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.0.4",
"version_value": "4.0.4"
}
]
}
}
]
},
"vendor_name": "ExpressTech"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, subscribers could upload zip archives containing malicious PHP files that would get extracted to the /rmp-menu/ directory. These files could then be accessed via the front end of the site to trigger remote code execution and ultimately allow an attacker to execute commands to further infect a WordPress site."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/066ba5d4-4aaa-4462-b106-500c1f291c37",
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/066ba5d4-4aaa-4462-b106-500c1f291c37"
},
{
"name": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/",
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24160",
"datePublished": "2021-04-05T18:27:43.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:21:18.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-24162 (GCVE-0-2021-24162)
Vulnerability from cvelistv5 – Published: 2021-04-05 18:27 – Updated: 2024-08-03 19:21
VLAI
Title
Responsive Menu < 4.0.4 - CSRF to Settings Update
Summary
In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into importing all new settings. These settings could be modified to include malicious JavaScript, therefore allowing an attacker to inject payloads that could aid in further infection of the site.
Severity
No CVSS data available.
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.wordfence.com/blog/2021/02/multiple-v… | x_refsource_MISC |
| https://wpscan.com/vulnerability/923fc3a3-4bcc-4b… | x_refsource_CONFIRM |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| ExpressTech | Responsive Menu – Create Mobile-Friendly Menu |
Affected:
4.0.4 , < 4.0.4
(custom)
|
|
| ExpressTech | Responsive Menu Pro |
Affected:
4.0.4 , < 4.0.4
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:21:18.635Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/923fc3a3-4bcc-4b48-870a-6150e14509b5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Responsive Menu \u2013 Create Mobile-Friendly Menu",
"vendor": "ExpressTech",
"versions": [
{
"lessThan": "4.0.4",
"status": "affected",
"version": "4.0.4",
"versionType": "custom"
}
]
},
{
"product": "Responsive Menu Pro",
"vendor": "ExpressTech",
"versions": [
{
"lessThan": "4.0.4",
"status": "affected",
"version": "4.0.4",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Chloe Chamberland"
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into importing all new settings. These settings could be modified to include malicious JavaScript, therefore allowing an attacker to inject payloads that could aid in further infection of the site."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-05T18:27:43.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wpscan.com/vulnerability/923fc3a3-4bcc-4b48-870a-6150e14509b5"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Responsive Menu \u003c 4.0.4 - CSRF to Settings Update",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24162",
"STATE": "PUBLIC",
"TITLE": "Responsive Menu \u003c 4.0.4 - CSRF to Settings Update"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Responsive Menu \u2013 Create Mobile-Friendly Menu",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.0.4",
"version_value": "4.0.4"
}
]
}
},
{
"product_name": "Responsive Menu Pro",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.0.4",
"version_value": "4.0.4"
}
]
}
}
]
},
"vendor_name": "ExpressTech"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Chloe Chamberland"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into importing all new settings. These settings could be modified to include malicious JavaScript, therefore allowing an attacker to inject payloads that could aid in further infection of the site."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/",
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/"
},
{
"name": "https://wpscan.com/vulnerability/923fc3a3-4bcc-4b48-870a-6150e14509b5",
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/923fc3a3-4bcc-4b48-870a-6150e14509b5"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24162",
"datePublished": "2021-04-05T18:27:43.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:21:18.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-18513 (GCVE-0-2017-18513)
Vulnerability from cvelistv5 – Published: 2019-08-14 15:31 – Updated: 2024-08-05 21:28
VLAI
Summary
The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wordpress.org/plugins/responsive-menu/#de… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:28:54.937Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/responsive-menu/#developers"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-14T15:31:25.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/responsive-menu/#developers"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18513",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/responsive-menu/#developers",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/responsive-menu/#developers"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18513",
"datePublished": "2019-08-14T15:31:25.000Z",
"dateReserved": "2019-08-13T00:00:00.000Z",
"dateUpdated": "2024-08-05T21:28:54.937Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}