Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
expresstech responsive menu vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-25602
Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin (versions <= 4.1.7).
Expresstech Responsive Menu
8.8
CVSSv3
CVE-2021-24161
In the Reponsive Menu (free and Pro) WordPress plugins prior to 4.0.4, attackers could craft a request and trick an administrator into uploading a zip archive containing malicious PHP files. The attacker could then access those files to achieve remote code execution and further i...
Expresstech Responsive Menu
8.8
CVSSv3
CVE-2021-24160
In the Reponsive Menu (free and Pro) WordPress plugins prior to 4.0.4, subscribers could upload zip archives containing malicious PHP files that would get extracted to the /rmp-menu/ directory. These files could then be accessed via the front end of the site to trigger remote cod...
Expresstech Responsive Menu
1 Github repository
8.8
CVSSv3
CVE-2021-24162
In the Reponsive Menu (free and Pro) WordPress plugins prior to 4.0.4, attackers could craft a request and trick an administrator into importing all new settings. These settings could be modified to include malicious JavaScript, therefore allowing an malicious user to inject payl...
Expresstech Responsive Menu
8.8
CVSSv3
CVE-2017-18513
The responsive-menu plugin prior to 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface.
Expresstech Responsive Menu
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started