The "menu sync" function in the WPML plugin prior to 3.1.9 for WordPress allows remote malicious users to delete arbitrary posts, pages, and menus via a crafted request to sitepress-multilingual-cms/menu/menus-sync.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wpml wpml |