Vulnerabilities > CVE-2021-24942 - Unspecified vulnerability in Menu Item Visibility Control Project Menu Item Visibility Control 0.5

CVSS 7.2 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

menu-item-visibility-control-project

NVD

Published: 2022-12-26

Updated: 2023-11-07

Summary

The Menu Item Visibility Control WordPress plugin through 0.5 doesn't sanitize and validate the "Visibility logic" option for WordPress menu items, which could allow highly privileged users to execute arbitrary PHP code even in a hardened environment.

Vulnerable Configurations

Part	Description	Count
Application	Menu_Item_Visibility_Control_Project Menu Item Visibility Control Project Menu Item Visibility Control - Menu Item Visibility Control Project Menu Item Visibility Control 0.5	2

References

https://wpscan.com/vulnerability/eaa28832-74c1-4cd5-9b0f-02338e23b418