
CVSS: 8.8 | EPSS: 0% | CPEs: 1 | EXPL: 0

16 Mar 2022 — Nonce token leak vulnerability leading to arbitrary file upload, theme deletion and plugin settings change discovered in the Responsive Menu WordPress plugin (versions <= 4.1.7). A nonce token leak vulnerability has been detected that leads to arbitrary file upload, theme deletion and changes to the plugin settings in the Responsive Menu plugin for WordPress (versions up to and including 4.1.7). The Responsive Menu plugin for WordPress is vulnerable to authorization bypa... • https://patchstack.com/database/vulnerability/responsive-menu/wordpress-responsive-menu-plugin-4-1-7-nonce-token-leak-leading-to-arbitrary-file-upload-theme-deletion-plugin-settings-change-vulnerability • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor; CWE-434: Unrestricted Upload of File with Dangerous Type; CWE-862: Missing Authorization

CVSS: 8.8 | EPSS: 0% | CPEs: 2 | EXPL: 2

10 Feb 2021 — In the Responsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into importing all new settings. These settings could be modified to include malicious JavaScript, therefore allowing an attacker to inject payloads that could aid in further infection of the site. In the Responsive Menu (free and Pro) WordPress plugins before version 4.0.4, attackers could craft a request and trick an administrator into importing all the ... • https://wpscan.com/vulnerability/923fc3a3-4bcc-4b48-870a-6150e14509b5 • CWE-352: Cross-Site Request Forgery (CSRF)

CVSS: 8.8 | EPSS: 0% | CPEs: 2 | EXPL: 4

10 Feb 2021 — In the Responsive Menu (free and Pro) WordPress plugins before 4.0.4, subscribers could upload zip archives containing malicious PHP files that would get extracted to the /rmp-menu/ directory. These files could then be accessed via the front end of the site to trigger remote code execution and ultimately allow an attacker to execute commands to further infect a WordPress site. In the Responsive Menu (free and Pro) WordPress plugins before version 4.0.4, subscribers could upload zip archives that ... • https://github.com/hnthuan1998/Exploit-CVE-2021-24160 • CWE-434: Unrestricted Upload of File with Dangerous Type

CVSS: 8.8 | EPSS: 0% | CPEs: 2 | EXPL: 1

10 Feb 2021 — In the Responsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into uploading a zip archive containing malicious PHP files. The attacker could then access those files to achieve remote code execution and further infect the targeted site. In the Responsive Menu (free and Pro) WordPress plugins before version 4.0.4, attackers could craft a request and trick an administrator into uploading a zip archive containing fil... • https://wpscan.com/vulnerability/efca27e0-bdb6-4497-8330-081f909d6933 • CWE-352: Cross-Site Request Forgery (CSRF)

CVSS: 8.8 | EPSS: 0% | CPEs: 1 | EXPL: 0

14 Aug 2019 — The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface. The responsive-menu plugin before version 3.1.4 for WordPress has no CSRF protection mechanism for the administration interface. • https://wordpress.org/plugins/responsive-menu/#developers • CWE-352: Cross-Site Request Forgery (CSRF)